Universal decryptor key for Sodinokibi, REvil ransomware released

By Waqas Bitdefender stated that all victims who got their files/data encrypted by the REvil ransomware might use the decryptor key to restore them. This is a post from HackRead.com Read the original post: Universal decryptor key for Sodinokibi, REvil ransomware released...

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

REvil victims, your prayers have been answered: There’s a universal decryptor key waiting to free you. Bitdefender is releasing a free, universal decryptor key to unlock data of victimized organizations that were encrypted by REvil/Sodinokibi ransomware attacks before the gang’s servers went...

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and st...

Trickbot Malware Rebounds with Virtual-Desktop Espionage Module

The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its “vncDll” module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been “a...

Trickbot Malware Returns with a new VNC Module to Spy on its Victims

Cybersecurity researchers have opened the lid on the continued resurgence of the insidious Trickbot malware, making it clear that the Russia-based transnational cybercrime group is working behind the scenes to revamp its attack infrastructure in response to recent counter efforts from law...

CVE-2020-15732

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security HSTS checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender...

CVE-2020-15732

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security HSTS checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender...

Input validation

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security HSTS checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender...

CVE-2020-15732

CVE-2020-15732 is an improper certificate validation vulnerability in the Online Threat Prevention module used by several Bitdefender products (Total Security, Internet Security, Antivirus Plus). The issue potentially allows bypassing HTTP Strict Transport Security (HSTS) checks. Affected version...

CVE-2020-15732

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security HSTS checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender...

Bitdefender 多款产品信任管理问题漏洞

Bitdefender Antivirus Plus is a suite of antivirus software that provides network threat detection and ransomware protection.Bitdefender Internet Security is a suite of antivirus software that focuses on Internet security. Bitdefender Antivirus Plus is a suite of antivirus programs that provides...

CVE-2021-3552

A Server-Side Request Forgery SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33...

CVE-2021-3485

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Securit...

CVE-2021-3485

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Securit...

Input validation

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Securit...

CVE-2021-3485

CVE-2021-3485 affects Bitdefender Endpoint Security Tools for Linux prior to 6.2.21.155. An Improper Input Validation in the Product Update feature allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. Remediation: update to...

CVE-2021-3485 Improper Input Validation in Bitdefender Endpoint Security Tools for Linux

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Securit...

Bitdefender Endpoint Security Tool 输入验证错误漏洞

Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. An input validation error vulnerability exists in Product Update for Linux Bitdefender Endpoint Security Tools versions prior to 6.2.21.155, which can be exploited by an attacker to...

PT-2021-20696 · Bitdefender · Bitdefender Endpoint Security Tools For Linux

Name of the Vulnerable Software and Affected Versions: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155 Description: An Improper Input Validation issue in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to...

CVE-2021-3423

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...