119 matches found
Poison Ivy 2.1.x C2 Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Poison Ivy 2.1.x C2 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C...
GozNym Trojan Attackers Set Sights on Europe, Poland
The banking malware GozNym has legs; only a few weeks after the hybrid Trojan was discovered, it has reportedly spread into Europe and begun plaguing banking customers in Poland with redirection attacks. The malware has started targeting corporate, SMB, investment banking and consumer accounts at...
Trend Micro Deep Discovery Inspector 3.7 / 3.8 CSRF
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-DDI-CSRF.txt Vendor: ==================== www.trendmicro.com Product: ========================================= Trend Micro Deep Discovery Inspector V3.8, 3.7 Deep...
Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery
Exploit for php platform in category web applications + Credits: John Page aka hyp3rlinx Vendor: ==================== www.trendmicro.com Product: ========================================= Trend Micro Deep Discovery Inspector V3.8, 3.7 Deep Discovery Inspector is a network appliance that gives you...
Remote Code Execution in CCTV-DVR
来源链接: http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html This post is going to be a follow up from a research which dates back to December 2014, called "The Backoff POS Trojan operation". Back then, one of the key conclusions highlighted from the report is that fraudste...
Researchers Outline New Italian RAT uWarrior
Details have come to light about a new remote access Trojan called uWarrior that arrives embedded in a rigged .RTF document. Researchers with Palo Alto Networks’ research division, Unit 42, described the malware and how it appears to have emanated from an “unknown actor of Italian origin,” in a...
New Backoff Variant ROM Tougher to Detect, Analyze
A new and more fine-tuned version of the Backoff point of sale malware known as ROM has been spotted in the wild, according to researchers. While the latest iteration is similar to the preceding version, ROM has tweaks that help the malware better evade detection and hinder the analysis process,...
Poison Ivy 2.3.2 C&C Server Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Caphaw Banking Malware Distributed via YouTube Ads
More than one billion of unique visitor spend about 6 billion hours on YouTube to watch videos, according to monthly YouTube Stats. Security researchers from Bromium Labs recently found that YouTube advertising network has been abused by rogue advertisers to distribute malware. YouTube In-Stream...
Tor-enabled Point-of-Sale malware 'ChewBacca' stole Credit Card data from 11 Countries
+malware+stole+credit+card+data+from+11+Countries.jpg After the massive data breaches at U.S retailers Target and Neiman Marcus in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, shows that the Point of Sale POS system has become a new...
EFF Activists, Journalists Hit By Targeted Malware Attack
Phishing and malware attacks are among the more democratic and populist threats on the Internet. You don’t have to stand in the crowd in order to be targeted; the attackers will get to you sooner or later. But while most malware campaigns are aimed at the masses, attackers often save their best...
New Mac OS Malware exploited two known Java vulnerabilities
A new Mac OS Malware has been discovered called OSX/Leverage.A, which appears to be yet another targeted command-and-control Trojan horse, that creates a backdoor on an affected user's machine. The Trojan named 'Leverage' because the Trojan horse is distributed as an application disguised as a...
Tor Anonymizing network overload caused by Mevade Botnet
Recently, Tor Project Director - Roger Dingledine described a sudden increase in Tor users on the Tor Network after the events related to disclosure of the PRISM surveillance program, Since August 19, 2013, there has been an impressive growth in the number of Tor users. At first, No one knew who ...
Hand of Thief Linux Banking Trojan Not Ready For Primetime
Upon further examination, a new banking Trojan variant may not be as commercially viable as it was thought to be. Researchers at RSA Security have peeled back the layers this week on the Hand of Thief banking Trojan, a piece of malware that made headlines over the summer after it was thought to b...
Researchers detected the Malware that targets the Russian stock-trading platform QUIK
Security Researcher from Group-IB Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations has found a new kind of malware that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 20...
Researchers detected the Malware that targets the Russian stock-trading platform QUIK
Security Researcher from Group-IB Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations has found a new kind of malware that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 20...
'BadNews' Android Malware downloaded up to 9 million times
It appears as if another malware scare has come to Android. Lookout Security said on Friday that it has discovered a new family of malware called BadNews. Malware that avoided detection and made its way onto the Google Play store has been downloaded around 9 million times by users from all over t...
New Ransomware Encrypts Victim Data
An unusual new strain of ransomware makes good on its threat, doing what the majority of other varieties only claim to do. The Trojan actually encrypts data on infected machines, effectively rendering certain files inaccessible to users on compromised computers in order to block removal. This...
PokerAgent botnet stole over 16,000 Facebook credentials
PokerAgent botnet was discovered in 2012 by ESET Security Research Lab, which is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to latest report, the botnet i...
PokerAgent botnet stole over 16,000 Facebook credentials
PokerAgent botnet was discovered in 2012 by ESET Security Research Lab, which is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to latest report, the botnet i...