c-toxcore Security Vulnerability
c-toxcore is a peer-to-peer serverless instant messaging tool designed to make security and privacy easier for the average user. A security vulnerability exists in c-toxcore that stems from the TCP Server module in toxcore not releasing the TCP priority queue under certain circumstances, which...
Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users
Attackers are impersonating the Iranian government in a widespread SMS phishing campaign that is defrauding thousands of Android users by installing malware on their devices that can steal their credit card data and siphon money from financial accounts. Researchers from Check Point Research...
APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users
A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "incorporated ne...
More Stealthier Version of BrazKing Android Malware Spotted in the Wild
Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan (RAT) that's capable of carrying out financial fraud attacks by stealing two-factor authentication (2FA) codes and initiating rogue transactions from infected devices to transfer...
Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux
Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest...
TeamTNT’s New Tools Target Multiple OSes
The TeamTNT malware pushers have a slew of new toys with which to wreak havoc – multiple shell/batch scripts, open-source tools, a cryptocurrency miner, an IRC and more – that have inflicted more than 5,000 infections globally as antivirus (AV) tools struggle to catch up with the newest malware...
Johnson Controls Metasys Improper Restriction of XML External Entity Reference
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and...
New Chinese Spyware Being Used in Widespread Cyber Espionage Attacks
A threat actor presumed to be of Chinese origin has been linked to a series of 10 attacks targeting Mongolia, Russia, Belarus, Canada, and the U.S. from January to July 2021 that involve the deployment of a remote access trojan (RAT) on infected systems, according to new research. The intrusions ha...
NPM Package Steals Chrome Passwords
A credentials-stealing code bomb that uses legitimate password-recovery tools in Google’s Chrome web browser was found lurking in the npm open-source code repository, waiting to be planted within the sprawling galaxy of apps that pull code from that source. Researchers caught the malware filching...
CVE-2021-31217
The CVE-2021-31217 entry affects SolarWinds DameWare Mini Remote Control Server 12.0.1.200, where insecure file permissions enable arbitrary file deletion as SYSTEM due to overly permissive folders. The issue is documented across multiple sources (NVD, Red Hat, Nessus plugin, CVE lists, CNNVD) wi...
CVE-2021-31217
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM...
Experts Uncover Malware Attacks Targeting Corporate Networks in Latin America
Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims. Dubbed "Bandidos" by ESET owing to the use of an upgraded variant of Bandook malware, the primary...
The vulnerability of the VMware Carbon Black App Control server is related to authentication errors, which allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the VMware Carbon Black App Control server is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...
Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign
An ongoing surveillance operation has been uncovered that targets a Southeast Asian government, researchers said – using a previously unknown espionage malware. According to Check Point Research, the attack involves spear-phishing emails with malicious Word documents to gain initial access, along...
VulnCheck KEV: CVE-2020-21224
A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server...
CVE-2020-23765
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
Lazarus APT Hackers are now using BMP images to hide RAT malware
A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information. Attributing the attack to the Lazarus Group...
EmpireCMS Command Execution Vulnerability
EmpireCMS (Empire Content Management System) is an open source content management system (CMS). EmpireCMS is vulnerable to a command execution vulnerability that can be exploited by attackers to gain control of the server...