79 matches found
Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools
By Nick Lister and Holger Unterbrink, with contributions from Vanja Svajcer. News summary Cisco Talos recently discovered a new campaign targeting video game players and other PC modders.Talos detected a new cryptor used in several different malware campaigns hidden in seemingly legitimate files...
Guild Wars 2 Insecure Folder Permissions
Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...
Crypto AG scandal
The article in The Washington Post is really huge, but even a brief glance is enough to see how absolutely amazing this Crypto scandal is. A great example of chutzpah. "Crypto AG was a Swiss company specialising in communications and information security. It was jointly owned by the American CIA...
Threat Analysis Unit (TAU) Threat Intelligence Notification: Skidmap
Hijacking machine resources and using them to mine for cryptocurrency continues to be an attractive and lucrative target for threat actors. As we’ve continued to see this type of attack used, we’ve also seen more platforms being targeted. Seeing cryptocurrency mining malware targeting Linux and...
CVE-2019-12828
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via t...
Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps
Google is reporting an uptick in efforts by bad actors to plant potentially harmful applications PHAs on Android devices via pre-installed apps and by bundling them with system updates delivered over the air. The technique is especially troubling, Google said, because PHAs are often malicious and...
Warning: ASUS Software Update Server Hacked to Distribute Malware
Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million...
This Week in Security News: Cyber Leads and Email Frauds
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, The Trump Administration added a cyber lead at Homeland Security and the Energy Department. Also, the FBI announced the arrest of 74 “email...
WordPress No Follow All External Links plugin <=2.3.0 - Backdoored
Backdoor code found by WordFence in WordPress No Follow All External Links plugin versions =2.3.0. Solution This plugin was closed on 2017 December 19 and is no longer available for download on WordPress plugin repository. Deactivate and delete the plugin...
No Follow All External Links 2.1.0-2.3.0 (current) - Backdoored
The nofollow-all-external-links WordPress plugin was affected by a Backdoored security vulnerability...
WordPress Captcha plugin <=4.4.4 - Backdoored
Backdoor found by WordFence team in WordPress Captcha plugin versions 4.3.6–4.4.4. Solution WordPress plugin repository team patched the plugin, but you need to decide on your own to use this plugin further or not...
Captcha 4.3.6–4.4.4 - Backdoored
The captcha WordPress plugin was affected by a Backdoored security vulnerability...
Display Widgets 2.6.0-2.6.3.1 - Backdoored
The display-widgets WordPress plugin was affected by a Backdoored security vulnerability...
Linux Mint Website Hacked, ISOs Replaced with Backdoored Versions
Attackers managed to hijack the website of the Linux Mint operating system to push a backdoored ISO image of the software to users over the weekend. The developers behind the software, one of, if not the most popular Linux distribution, are unsure what the hackers are aiming to achieve by the mov...
Warning — Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
Are you also the one who downloaded Linux Mint on February 20th? You may have been Infected! Linux Mint is one of the best and popular Linux distros available today, but if you have downloaded and installed the operating system recently you might have done so using a malicious ISO image. Here's...
Socat Weak Diffie-Hellman Prime Number
Update Socat is the latest open source tool to come under suspicion that it is backdoored. Socat is a versatile command line utility that builds bi-directional communication streams and moves data between channels, including files, network pipes, serial connected devices, sockets or a combination...
Juniper Removes Dual_EC, ANSI X9.31 Algorithms
Juniper Networks announced late Friday it was removing the suspicious DualECDRBG random number generator from its ScreenOS operating system. And while that’s heralded as a positive move considering DualEC’s dubious origins, there remain important and unanswered questions about Juniper’s decision ...
Hackers Cause World's First Power Outage with Malware
SCADA system has always been an interesting target for cyber crooks, given the success of Stuxnet malware that was developed by the US and Israeli together to sabotage the Iranian nuclear facilities a few years ago, and "Havex" that previously targeted organizations in the energy sector. Now once...
Chinese Mobile Ad Library Backdoored to Spy on iOS Devices
Versions of a popular Chinese mobile ad library have been backdoored with capabilities that can be used to surreptitiously record audio and steal data stored on thousands of iOS devices. Researchers at FireEye said today they have found 17 backdoored versions of the mobiSage SDK versions 5.3.3 to...
CryptoPHP Backdoor Hijacks Servers with Malicious Plugins & Themes
Security researchers have discovered thousands of backdoored plugins and themes for the popular content management systems CMS that could be used by attackers to compromise web servers on a large scale. The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor...