40 matches found

hivepro
added 2023/02/03 8:40 a.m. | 55 views

VectorStealer Malware steals Sensitive Information via RDP Hijacking and Phishing Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary VectorStealer is a malware that steals .rdp files through phishing emails, can be generated for USD 63 in Bitcoin, exfiltrates stolen information through SMTP, Discord, or Telegram, and uses the KGB...

2.3 AI score | Exploits: 0

The Hacker News
added 2023/01/12 2:46 p.m. | 37 views

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...

2.3 AI score | Exploits: 0

Krebs on Security
added 2022/07/18 4:11 p.m. | 32 views

A Deep Dive Into the Residential Proxy Service ‘911’

The 911 service as it exists today. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe -- but...

0.1 AI score | Exploits: 0

The Hacker News
added 2021/09/29 1:1 p.m. | 25 views

Beware! This Android Trojan Stole Millions of Dollars from Over 10 Million Users

A newly discovered "aggressive" mobile campaign has infected north of 10 million users from over 70 countries via seemingly innocuous Android apps that subscribe the individuals to premium services costing €36 ($42) per month without their knowledge. Zimperium zLabs dubbed the malicious trojan...

1.7 AI score | Exploits: 0

ThreatPost
added 2021/09/08 5:3 p.m. | 28 views

TeamTNT’s New Tools Target Multiple OSes

The TeamTNT malware pushers have a slew of new toys with which to wreak havoc – multiple shell/batch scripts, open-source tools, a cryptocurrency miner, an IRC and more – that have inflicted more than 5,000 infections globally as antivirus (AV) tools struggle to catch up with the newest malware...

6.7 AI score | Exploits: 0 | References: 14

The Hacker News
added 2021/07/28 10:58 a.m. | 54 views

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems. Attributing the intrusions to a threat actor...

0.5 AI score | Exploits: 0

Metasploit
added 2021/02/25 5:42 p.m. | 49 views

Process Herpaderping evasion technique

This module allows you to generate a Windows executable that evades security products such as Windows Defender, Avast, etc. This uses the Process Herpaderping technique to bypass Antivirus detection. This method consists in obscuring the behavior of a running process by modifying the executable o...

7.2 AI score | Exploits: 0

ATTACKERKB
added 2021/01/12 12:0 a.m. | 582 views

CVE-2021-1647 Microsoft Windows Defender Zero-Day Vulnerability

Microsoft Defender Remote Code Execution Vulnerability Recent assessments: cdelafuente-r7 at January 13, 2021 3:55pm UTC reported: No useful information has been published so far and most of the speculations found online are based on the CVSS 3.0 metrics found in the advisory. That said, the atta...

7.8 CVSS | 8.1 AI score | 0.39653 EPSS
In wild | Exploits: 0 | References: 4

ThreatPost
added 2019/10/01 5:40 p.m. | 142 views

Hackers Turn to OpenDocument Format to Avoid AV Detection

Attackers have a new obfuscation technique that uses the OpenDocument file format for sneaking payloads past antivirus software. Past macro-based attacks have relied on malware hitching a ride with .docx, .zip, .jar and many other file formats. But researchers at Cisco Talos said that because the...

7.1 AI score | Exploits: 0 | References: 5

Talos Blog
added 2019/09/30 8:35 a.m. | 101 views

Open Document format creates twist in maldoc landscape

By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...

7.1 AI score | Exploits: 0

ThreatPost
added 2019/04/04 11:0 a.m. | 71 views

SAS 2019 to Tackle APTs, Supply Chains and More

Kaspersky Lab’s Security Analyst Summit kicks off in Singapore next week, where elite researchers, top cybersecurity firms and global law-enforcement agencies will discuss today’s biggest cybersecurity threats and how best to squash them. This year marks the first time the global security...

0.1 AI score | Exploits: 0 | References: 3

FireEye
added 2018/09/19 10:0 a.m. | 985 views

Click It Up: Targeting Local Government Payment Portals

FireEye has been tracking a campaign this year targeting web payment portals that involves on-premise installations of Click2Gov. Click2Gov is a web-based, interactive self-service bill-pay software solution developed by Superion. It includes various modules that allow users to pay bills associat...

7.5 CVSS | 0.99993 EPSS | Exploits: 57

BDU FSTEC
added 2016/07/06 12:0 a.m. | 6 views

The vulnerability of the Internet Explorer browser allows a malicious attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability related to accessing confidential information exists in Internet Explorer and allows attackers to send requests to resources stored in memory. Exploiting this vulnerability enables attackers to identify the antivirus software being used and avoid being detected...

5.8 CVSS | 5.5 AI score | 0.58023 EPSS
Exploits: 3 | References: 5 | Affected Software: 1

ThreatPost
added 2016/04/20 1:53 p.m. | 16 views

Latest TeslaCrypt Targets New File Extensions, Invests Heavily in Evasion

TeslaCrypt, like many of its ransomware cousins, doesn’t sleep on past success. Researchers at Endgame Inc., have found two updates for the cryptoransomware in the past two weeks that invest heavily in obfuscation and evasion techniques, and also target a host of new file extensions. These sample...

7.5 AI score | Exploits: 0 | References: 6

n0where
added 2015/06/02 5:2 p.m. | 69 views

Portable Penetration Testing Distribution for Windows: PentestBox

PentestBox is not like other penetration testing distributions, which run on virtual machines. It was created because more than 70% of penetration testing distribution users use Windows, and it provides an efficient platform for penetration testing on Windows. It provides all security tools as a...

7.5 AI score | Exploits: 0

The Hacker News
added 2015/05/29 12:1 a.m. | 17 views

Volatile Cedar — Global Cyber Espionage Campaign Discovered

Security firm Check Point has uncovered what seems to be a successful, and long-running, cyber-surveillance campaign called “Volatile Cedar.” Check Point found that targets of the attack included, but were not limited to, defense contractors, media companies, telecommunications, and educational...

6.9 AI score | Exploits: 0

OpenVAS
added 2015/02/23 12:0 a.m. | 13 views

BullGuard Antivirus Detection (Windows SMB Login)

Detects the installed version of BullGuard Anti-Virus. The script logs in via smb, searches for...

7.3 AI score | Exploits: 0

The Hacker News
added 2015/02/20 12:12 a.m. | 14 views

Android Malware Can Spy On You Even When Your Mobile Is Off

Security researchers have unearthed a new Android Trojan that tricks victims into believing they have switched their device off while it continues "spying" on the users' activities in the background. So, next time be very sure while you turn off your Android smartphones. The new Android malware...

6.9 AI score | Exploits: 0

ThreatPost
added 2014/09/23 11:10 a.m. | 11 views

Malware-Laced Emails Appear to Come From LogMeIn

The SANS Internet Storm Center yesterday warned users and administrators to be on the lookout for malicious emails purporting to come from the security and authentication firm LogMeIn. For its part, LogMeIn is aware of the attacks, and has issued a number of warnings to its customers on its blog...

0.2 AI score | Exploits: 0 | References: 4

The Hacker News
added 2014/08/07 2:25 a.m. | 15 views

Company That Sells 'FinFisher' Spying Tool Got Hacked, 40GB Data Leaked

FinFisher spyware, a spyware application used by government and law enforcement agencies for the purpose of surveillance, appears to have been hacked earlier this week and a string of files has been dumped on the Internet. The highly secret surveillance software called “FinFisher” sold by British...

6.7 AI score | Exploits: 0