DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack

LAS VEGAS – Tens of millions of fax-ready HP OfficeJet inkjet printers are vulnerable to a simple hack that gives an attacker full control over a targeted printer. Once compromised, the all-in-one OfficeJet could act as a springboard for deeper network penetration by an attacker. Here at DEF CON,...

New WhatsApp flaws let attackers hack chats to spread fake news

By Waqas Spreading fake news through WhatsApp was never so easy before. According to the latest research from Check Point security firm, WhatsApp users are at the risk of getting their private chats and group conversations hacked and exploited. Researchers discovered a new wave of attacks that...

WhatsApp Flaw Lets Users Modify Group Chats to Spread Fake News

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at...

Ramnit Changes Shape with Widespread Black Botnet

The recently uncovered “Black” botnet campaign using the Ramnit malware racked up 100,000 infections in the two months through July– but the offensive could just be a precursor to a much larger attack coming down the pike, according to researchers, thanks to a second-stage malware called Ngioweb...

ThreatList: 6-Year-Old Dorkbot Banking Malware Resurfaces as Big Threat

The banking malware called Dorkbot is back. Samples of the 6-year-old malware are now ranked the second biggest banking malware headache in 2018 so far, according to new data from Check Point. “Dorkbot, known malware that dates back to 2012, has entered back the top ranks, starring in the APAC as...

PT-2018-1834 · Palo Alto Networks +9 · Pan-Os +12

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.9 and later PAN-OS versions prior to 6.1.22 PAN-OS versions prior to 7.1.20 PAN-OS versions prior to 8.0.13 PAN-OS versions prior to 8.1.5 Arista EOS affected versions not specified vEOS affected versions not specified...

Samples of SiliVaccine Offer Rare Peek Inside North Korea’s Antivirus Software

Two aged samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor. The two SiliVaccine samples obtained by researchers at Check Point security offer unique insight into a secretive country and how it likely...

By CVE-2017-17215 learning router vulnerability analysis, from into the pit to give up-vulnerability warning-the black bar safety net

Basic information: 2017/11/27, Check Point Software Technologies sector reported a Huawei HG532 product remote commands execution vulnerabilityCVE-2017-17215, the Mirai an upgraded version of the variant has been used in the vulnerability. Looks like a very simple vulnerabilities, and the book...

Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday

Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code. Two weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbed Drupalgeddon2, in its content management...

Pre-installed malware on Android devices made $115k revenue in 10 days

By Waqas Check Point Mobile Security Team discovered a massive, on-going malware This is a post from HackRead.com Read the original post: Pre-installed malware on Android devices made $115k revenue in 10 days...

GandCrab Ransomware Crooks Take Agile Development Approach

Earlier this month, command-and-control servers tied to the fast-growing GandCrab ransomware campaigns were seized by Romanian Police and Europol. But, criminals behind GandCrab don’t appear phased by the setback and have already tweaked the malware to keep ransomware payment coming in. According...

Check Point Gaia Operating System Privilege Escalation

The remote host is running a version of Gaia OS which is affected by an issue where low privileged users authenticated to the Gaia clish shell may execute arbitrary code as admin / root. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid107072; scriptversion"1.2";...

Google Play Removes 22 Malicious ‘LightsOut’ Apps From Marketplace

Nearly two dozen Android flashlight and related utility apps were removed from the Google Play marketplace after researchers found a malicious advertising component dubbed “LightsOut” inside them. In total, the apps were downloaded between 1.5 and 7.5 million times. Security researchers at Check...

Huawei HG532 Router Remote Code Execution(CVE-2017-17215)

A Zero-Day vulnerability CVE-2017-17215 in the Huawei home router HG532 has been discovered by Check Point Researchers, and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI, an updated variant of Mirai...

Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers

Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet. Hackers have widely used the infamous IoT malware to quietly amass a...

Huawei Router Vulnerability Used to Spread Mirai Variant

Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...

Check Point Gaia Operating System < R77.20 Multiple NTP Client Vulnerabilities (sk103825)

The remote host is running a version of Gaia Operating System that is prior to R77.20 and thus, is potentially affected by multiple NTP client vulnerabilities. Note that NTP client is disabled by default. Further note that if the vendor's suggested mitigations are in place, this can be considered...

Critical Flaw in Major Android Tools Targets Developers and Reverse Engineers

Finally, here we have a vulnerability that targets Android developers and reverse engineers, instead of app users. Security researchers have discovered an easily-exploitable vulnerability in Android application developer tools, both downloadable and cloud-based, that could allow attackers to stea...

Developers Targeted in ‘ParseDroid’ PoC Attack

Researchers have developed a proof of concept attack that could impact the millions of users of integrated development environments such as Intellij, Eclipse and Android Studio. Attacks can also be carried out against servers hosting development environments in the cloud. The attack vector was...

Check Point Gaia Operating Security and Stability Update (sk100431)

The remote host is running a version of Gaia OS which is affected by an issue where system stability may be affected by certain traffic conditions. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104996; scriptversion"$Revision: 1.1 $"; scriptcvsdate"$Date: 2017/12/04...