1841 matches found
Agent Tesla Botnet - Information Disclosure
Agent Tesla Botnet - Information Disclosure Exploit Title: Agent Tesla Botnet - Information Disclosure Disclosure Vulnerability Google Dork: n/a Date: 26/11/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: http://www.agenttesla.com/ ¡ Down ! Version: unkn0wn Tested on: Windows...
Agent Tesla Botnet Information Disclosure Vulnerability
Agent Tesla Botnet suffers from an information leakage vulnerability. Exploit Title: Agent Tesla Botnet - Information Disclosure Disclosure Vulnerability Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: http://www.agenttesla.com/ ¡ Down ! Version: unkn0wn Tested on: Windows 10,...
Agent Tesla Botnet - Information Disclosure
Exploit Title: Agent Tesla Botnet - Information Disclosure Disclosure Vulnerability Google Dork: n/a Date: 26/11/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: http://www.agenttesla.com/ ¡ Down ! Version: unkn0wn Tested on: Windows 10, debian 7 CVE : n/a Greetz: Shell.root,...
Electrum DDoS botnet reaches 152,000 infected hosts
By Jérôme Segura, Adam Thomas, and S!Ri We have been closely monitoring the situation involving the continued attacks against users of the popular Electrum Bitcoin wallet. Initially, victims were being tricked to download a fraudulent update that stole their cryptocurrencies. Later on, the threat...
Agent Tesla Botnet Information Disclosure
Exploit Title: Agent Tesla Botnet - Information Disclosure Disclosure Vulnerability Google Dork: n/a Date: 26/11/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: http://www.agenttesla.com/ ¡ Down ! Version: unkn0wn Tested on: Windows 10, debian 7 CVE : n/a Greetz: Shell.root,...
Exploits for Social Warfare WordPress Plugin Reach Critical Mass
UPDATE Active exploits for a recently disclosed bug in a popular WordPress plugin, Social Warfare, are snowballing in the wild – potentially putting more than 40,000 websites at risk. The vulnerability, CVE-2019-9978, tracks both a stored cross-site scripting (XSS) vulnerability and a remote...
This Week in Security News: Medical Malware and Monitor Hacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how baby monitors may be susceptible to hacking. Also, learn about a medical flaw that enables hackers to hide malware. Read on: Is Yo...
Malware targeting industrial plants: a threat to physical security
We live in a world where more and more manufacturing processes are controlled by computers that send instructions to robots. This might sound like a safe and efficient way of work, as it rules out human error, but what happens when a threat actor decides to target production servers? Consider the...
Mirai Rebirth Highlights Importance of Defending IoT
Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Enterprises of all sizes face a massive challenge when it come...
A week in security (April 8 – 14)
Last week on Labs, we said hello to Baldr, a new stealer on the market, we wondered who is managing the security of medical management apps, discussed the different perceptions of personal information, and we looked at fake Instagram assistance apps found on Google Play that are stealing password...
Preparing the Internet for the Next Mega DDoS Attack
When you think of a distributed denial-of-service (DDoS) attack at this point in the age of the internet, you might be thinking they’re old news. But when a multi-million-dollar business can be easily taken offline by an unskilled adversary and a $5 rent-a-DDoS service, I would argue that the issue...
Gustuff banking botnet targets Australia
Vitor Ventura authored this post. Executive summary Cisco Talos has uncovered a new Android-based campaign targeting Australian financial institutions. As the investigation progressed, Talos came to understand that this campaign was associated with the "ChristinaMorrow" text message spam scam...
How Android Fought the Chamois Botnet—and Won
The Chamois botnet once infected 20 million Android devices. Here's how Google finally tore it up...
Cyber Security Week in Review (March 22)
Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Norwegian aluminum company...
Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original...
IPv6 unmasking via UPnP
Martin Zeiser and Aleksandar Nikolich authored this post. Executive summary With tools such as ZMap and Masscan and general higher bandwidth availability, exhaustive internet-wide scans of full IPv4 address space have become the norm after it was once impractical. Projects like Shodan and Scans.i...
Magic AirMusic Insufficient Access Control Vulnerability
Various products of multiple vendors using the Magic AirMusic web interface for the control of the device are prone to an insufficient access control vulnerability. Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...
Zero-Days in Counter-Strike Client Used to Build Major Botnet
A proprietor of a Counter-Strike gaming server promotion service has used multiple zero-days in the Counter-Strike client to create a large botnet. The network is made up of fake game servers for the popular online multiplayer game. The attacker has had quite a bit of success. In a recent analysi...
GlitchPOS Malware Appears to Steal Credit-Card Numbers
A new insidious malware bent on siphoning credit-card numbers from point-of-sale (PoS) systems has recently been spotted on a crimeware forum. Researchers at Cisco Talos said in a Wednesday analysis that they discovered the malware, dubbed “GlitchPOS,” being peddled on the Dark Web for $250. The...
Emotet revisited: pervasive threat still a danger to businesses
One of the most common and pervasive threats for businesses today is Emotet, a banking Trojan turned downloader that has been on our list of top 10 detections for many months in a row. Emotet, which Malwarebytes detects as Trojan.Emotet, has been leveled at consumers and organizations across the...