415 matches found
Malicious 'Blur' Photo App Campaign Discovered on Google Play
A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. The apps also elude detection by making their icons disappear from the device home screen soon after they are downloaded. Researchers at the White Ops Satori Threat Intelligence...
Encryption Utility Firm Accused of Bundling Malware Functions in Product
An Italian company that sells what it describes as a legitimate encryption utility is being used as a malware packer for the cloud-delivered malicious GuLoader dropper, claim researchers. The tool, according to a recent investigation, creates GuLoader samples and helps the malware avoid antivirus...
DEBIAN-CVE-2019-20805
p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment...
UBUNTU-CVE-2019-20805
p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment...
Loncom packer: from backdoors to Cobalt Strike
The previous story described an unusual way of distributing malware under the guise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the...
AZL-41568 CVE-2019-11254 affecting package packer 1.9.5-13
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...
CVE-2020-8614
An issue was discovered on Askey AP4000W TDCV1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bdsvr service listening on TCP port 54188...
Remote code execution
An issue was discovered on Askey AP4000W TDCV1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bdsvr service listening on TCP port 54188...
[SECURITY] Fedora 31 Update: upx-3.96-2.fc31
UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...
Fedora: Security Advisory for upx (FEDORA-2020-67590fbf08)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
[SECURITY] Fedora 30 Update: upx-3.96-1.fc30
UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...
Fedora: Security Advisory for upx (FEDORA-2020-20cf0743f5)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
LibMiner: Container-Based Cryptocurrency Miner Targeting Unprotected Redis Servers
Qualys is actively tracking threats which target containers. In our recent analysis, we have identified a few docker instances executing malware which we term “LibMiner”. This malware has the capability to deploy and execute a cryptominer. It uses a unique technique for lateral movement across...
PT-2019-16066 · Upx Team +1 · Upx +1
Name of the Vulnerable Software and Affected Versions: UPX version 3.95. Description: A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp, causing an application crash that leads to denial of service. Recommendations: For UPX version 3.95, consider updating to a new...
PT-2019-16068 · Upx Team +3 · Upx +2
Name of the Vulnerable Software and Affected Versions: UPX version 3.95; ALT Linux (affected versions not specified). Description: An issue was found in the canUnpack function in p_mach.cpp, which can be triggered by a crafted Mach-O file, leading to an invalid memory address dereference...
CVE-2019-19689
Trend Micro HouseCall for Home Networks versions below 5.3.0.1063 could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses...
Mondoo - Cloud-Native Security And Vulnerability Risk Management
Quick Start. Install mondoo. Workstation: export MONDOO_REGISTRATION_TOKEN='changeme'; curl -sSL http://mondoo.io/download.sh | bash. Service: export MONDOO_REGISTRATION_TOKEN='changeme'; curl -sSL http://mondoo.io/install.sh | bash. For other installation methods, have a look at our documentation. Run a...
[SECURITY] Fedora 29 Update: upx-3.95-4.fc29
UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...