Lucene search
+L

196 matches found

FireEye
FireEye
added 2016/03/28 8:0 a.m.24 views

TREASUREHUNT: A Custom POS Malware Tool

Since early 2015, FireEye Threat Intelligence has observed the significant growth of point-of-sale POS malware families in underground cyber crime forums. POS malware refers to malicious software that extracts payment card information from memory and usually uploads that data to a command and...

7.5AI score
Exploits0
FireEye
FireEye
added 2016/01/28 8:0 a.m.28 views

CenterPOS: An Evolving POS Threat

Introduction There has been no shortage of point-of-sale POS threats in the past couple of years. This type of malicious software has gained widespread notoriety in recent time due to its use in high-profile breaches, some of which involved well-known brick and mortar retailers and led to the...

0.3AI score
Exploits0
FireEye
FireEye
added 2016/01/13 12:30 p.m.18 views

SlemBunk Part II: Prolonged Attack Chain and Better-Organized Campaign

Introduction Our follow-up investigation of a nasty Android banking malware we identified at the tail end of last year has not only revealed that the trojan is more persistent than we initially realized – thus making for a much more dangerous threat – but that it is also being used as part of an...

0.2AI score
Exploits0
FireEye
FireEye
added 2015/12/11 6:53 a.m.33 views

LATENTBOT: Trace Me If You Can

FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless...

Exploits0
FireEye
FireEye
added 2015/12/11 6:53 a.m.343 views

LATENTBOT: Trace Me If You Can

FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless...

Exploits0
0day.today
0day.today
added 2015/10/03 12:0 a.m.37 views

Zemra Botnet CnC Web Panel Remote Code Execution Exploit

This Metasploit module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra. This module requires Metasploit: http://metasploit.com/downlo...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2015/10/02 12:0 a.m.38 views

Zemra Botnet CnC Web Panel Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Zemra Botnet CnC Web Panel Remote Code Execution', 'Description' = %q This module exploits the CnC web panel of Zemra Botnet which...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2015/09/30 11:24 a.m.63 views

Zemra Botnet CnC Web Panel Remote Code Execution

This module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra. This module requires Metasploit: https://metasploit.com/download Current...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2015/09/21 12:0 a.m.22 views

Cisco 路由器后门 SYNful Knock

影响范围涉及4个国家及常见型号通常来说,思科路由器的植入后门以前经常被认为是理论可行或较难实现,但近日有国外安全公司Fireeye发现这种针对路由器的植入式后门正悄然流行,涉及Cisco 1841/Cisco 2811/Cisco...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2015/09/15 9:38 a.m.12 views

Attackers Replacing Firmware on Cisco Routers

Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to...

0.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/03/13 1:56 p.m.54 views

Energy Watering Hole Attack Used LightsOut Exploit Kit

A recent watering-hole attack targeted firms in the energy sector using a compromised site belonging to a law firm that works with energy companies and led victims to a separate site that used the LightsOut exploit kit to compromise their machines. The attack, which was active during late Februar...

10CVSS7.8AI score0.98704EPSS
Exploits10References6
ThreatPost
ThreatPost
added 2012/12/11 7:41 p.m.9 views

'Sanny' Malware Targeting Russian Space, IT, Telecom Industries

Attackers, purportedly hailing from Korea, have been targeting individuals in Russia’s aerospace, IT, education and telecommunication industries with hopes of extracting their passwords and credentials. According to a post on FireEye’s Malware Intelligence Lab by researchers Alex Lanstein and Ali...

Exploits0References1
ThreatPost
ThreatPost
added 2012/08/27 1:21 p.m.8 views

New Java Zero Day Being Used in Targeted Attacks

There is a newly discovered zero day vulnerability in Java 7 that is being used in some targeted attacks right now. The vulnerability works against Internet Explorer and Firefox and researchers say that attackers are exploiting in the wild and installing a version of the Poison Ivy RAT on...

6.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2011/03/21 12:53 p.m.13 views

Lessons From the Rustock Takedown

As a follow-up to the Rustock botnet news, Microsoft have identified themselves as the key instigators of the takedown. This is the second time Microsoft’s legal team has been actively involved in combating the botnet menace – and they obviously learned from their previous attempt at trying to...

0.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/03/08 8:29 p.m.22 views

New Malware, JKDDOS, Targets Commodities Investment Firms

Researchers at Arbor Networks say they have discovered unique samples of a new family of malware that is targeting large investmen firms with holdings in the commodities markets, especially the mining industry. The malware, dubbed ‘JKDDOS,’ is used to launch distributed denial of service DDOS...

1.1AI score
Exploits0References2
exploitpack
exploitpack
added 2000/04/13 12:0 a.m.22 views

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution source: https://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefor...

Exploits0
Rows per page
Query Builder