16 matches found
Mustang Panda Targets Philippines Government Using Legitimate Software
Summary: Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect, an antivirus solution based in Indonesi...
SMB cybersecurity posture weakened by COVID-19, Labs report finds
In August, Malwarebytes Labs analyzed the damage caused by COVID-19 to business cybersecurity. Because of immediate, mandated transitions to working from home (WFH), businesses across the United States suffered more data breaches, lost more dollars, and increased their overall attack surfaces, all...
Dark Tequila Banking Malware Uncovered After 5 Years of Activity
Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for fi...
Europol and IT Security Companies Team Up to Combat Ransomware Threat
No More Ransom, so is the Ransomware Threat. The European Police agency Europol has joined forces with police and cyber security companies to launch a worldwide initiative to combat and tackle together the exponential growth of Ransomware used by cyber criminals. Europol announced today the...
CoinVault Ransomware Betting on Hope with Free File Decrypt
UPDATE: A prior version of this story incorrectly defined VSS as vulnerability scanning systems when in fact it refers to volume shadow copy service, which is a Windows automatic data backup and recovery mechanism. Thanks to commenter Rudy for pointing this out. The courteous CoinVault ransomware...
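IBM Lotus Protector for Mail Security Arbitrary Code Execution Vulnerability
Bugtraq ID:66405 CVE ID:CVE-2014-0887 IBM Lotus Protector for Mail Security is an antivirus and anti-spam solution based on the IBM Proventia Network Mail Security System. IBM Lotus Protector for Mail Security has an unspecified security vulnerability that allows an authenticated remote attacker to execute arbitrary code with root privileges. 0 IBM Lotus Protector for Mail Security 2.8.0.0 IBM Lotus Protector for Mail Security 2.8.1.0...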
Tilon/SpyEye2 Banking Trojan Usage Declining after SpyEye Author Arrest
Today, when we come across various malware, exploit kits and botnets that are in the wild, we think about an effective Antivirus solution or a Security Patch, but the most effective solution is always "The arrest of malware authors and culprits who are involved in the development of Malware." Til...
Cryptolocker Ransomware makes different Bitcoin wallet for each victim
When you’re online, you expose your vulnerability to malicious viruses that have been growing in virulence and ferocity over the last few years. Among home PC users, you may think that you are protected from malicious software by installing an effective, trusted antivirus solution, but most of the...
Avast Linux Home Edition (vulnerability on a temporary folder creation)
Title : Avast Linux Home Edition, vulnerability on a temporary folder creation Product : Avast! Linux Home Edition Product : http://www.avast.com/eng/download-avast-for-linux-edition.html Version : 1.0.5, 1.0.5-1 avast4workstation-1.0.5-1.i586.rpm avast4workstation-1.0.5.tar.gz Vuln Found :...
ClamAV < 0.86.3 Content-parsing Multiple Overflows (deprecated)
Binary data 3229.prm...
Microsoft IIS Download.Ject Trojan Detection
Download.Ject is a Trojan that infects Microsoft IIS servers. The Trojan's dropper sets it as the document footer for all pages served by IIS Web sites on the infected computer. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12287; scriptversion"$Revision: 1.11 $";...
Sasser Virus Detection
The Sasser worm is infecting this host. Specifically, a backdoored command server may be listening on port 9995 or 9996 and an ftp server used to load malicious code is listening on port 5554 or 1023. There is every indication that the host is currently scanning and infecting other systems. C...
Bagle.B Worm Detection
The remote host has the Bagle.B worm installed. This is a variant of the Bagle worm which spreads via email and has a backdoor that listens on port 8866. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12063; scriptversion"1.26"; scriptcvsdate"Date: 2019/11/25";...
MyDoom Virus Backdoor Detection
The MyDoom backdoor is listening on this port. An attacker may connect to it to retrieve sensitive information, e.g. passwords or credit card numbers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. rev 1.7: fixes a bug introduced in rev 1.6 spotted by Phil Bordelon rev 1.6: MyDoom.B detecti...
Bugbear.B Web Backdoor Detection
Your system seems to be infected by the Bugbear.B virus its backdoor has been detected on port 81. C 2003 StrongHoldNet Licence : GPL v2 Modifications by rd: - Try every web server, not just port 81 UNTESTED include"compat.inc"; if description scriptid11707; scriptversion "1.11";...
Microsoft Security Essentials
Microsoft Security Essentials...