3446 matches found
Malicious Package
Overview All versions of hulp contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised. All...
[SECURITY] Fedora 30 Update: mosquitto-1.6.2-1.fc30
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1. MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers...
April 9, 2019—KB4493467 (Security-only update)
April 9, 2019—KB4493467 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...
Malware Installed in Asus Computers through Hacked Update Process
Kaspersky Labs is reporting on a new supply chain attack they call "Shadowhammer." In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large...
Threat Landscape for Industrial Automation Systems in H2 2018
H2 2018 in figures All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. The data was received from those KSN users who gave their consent to have data anonymously transferred from their computers. We do not identify the...
TianoCore EDK II BIOS Vulnerabilities - US
Lenovo Security Advisory: LEN-22660 Potential Impact: Denial of service, privilege escalation Severity: Medium Scope of Impact: Industry-wide Summary Description: Lenovo was notified of multiple buffer validation and parsing vulnerabilities in TianoCore EDK II BIOS that could lead to denial of...
Booter Boss Interviewed in 2014 Pleads Guilty
A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. The plea deal comes almost exactly five years after KrebsOnSecurity interviewed both the admitted felon and his father and urged the latter to take a more...
U.S. Government Goes After North Korea's Joanap Botnet
The U.S. Justice Department is looking to retaliate against North Korea-linked hackers who have built up a massive global network of infected computers. The department announced on Wednesday that it would seek to map out the Joanap botnet, which has been built and controlled by North Korea-linked...
FBI Mapping 'Joanap Malware' Victims to Disrupt the North Korean Botnet
The United States Department of Justice (DoJ) announced Wednesday its effort to "map and further disrupt" a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade. Dubbed Joanap, the botnet is believed to be part of "Hidden Cobra"—an...
Police Shut Down xDedic – An Online Market for Cyber Criminals
In an international operation involving law enforcement authorities from the U.S. and several European countries, feds have shut down an online underground marketplace and arrested three suspects in Ukraine. Dubbed xDedic, the illegal online marketplace let cybercriminals buy, sell or rent out...
App Layering 4.10 - Duplicate-computers-in-the-Sophos console
PROBLEM DESCRIPTION: Duplicate computers in the Sophos console Attaching screenshots of the behavior:...
Evaluating the GCHQ Exceptional Access Proposal
The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the UK, Australia, and elsewhere -- argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and that they need the tech companies to make...
January 8, 2019—KB4480972 (Security-only update)
January 8, 2019—KB4480972 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections against an additional subclass of speculative execution...
January 8, 2019—KB4480957 (Security-only update)
January 8, 2019—KB4480957 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections against an additional subclass of speculative execution...
January 8, 2019—KB4480968 (Monthly Rollup)
January 8, 2019—KB4480968 Monthly Rollup Improvements and fixes This security update addresses the following issues: Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass CVE-2018-3639 for AMD-based computers. The...
Vitalex Computers SRO Tvorba Skolnich Webu 1.0 SQL Injection
Exploit Title : Vitalex Computers SRO Tvorba školních webu 1.0 SQL Injection Exploit Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepages : vitalex.cz Google Dork 1 : intext:'' Vitalex Computers - Tvorba školních webu'' site:cz Google Dork 2 :...
LDAP_Search - Tool To Perform LDAP Queries And Enumerate Users, Groups, And Computers From Windows Domains
LDAPSearch can be used to enumerate Users, Groups, and Computers on a Windows Domain. Authentication can be performed using traditional username and password, or NTLM hash. In addition, this tool has been modified to allow brute force/password-spraying via LDAP. LdapSearch makes use of Impackets...
Panasonic PC Registration Unreferenced Service Path Vulnerability
The Panasonic PC is a computer device from the Japanese company Panasonic. A security vulnerability exists in Panasonic PC devices manufactured in October 2009 and later with Windows 7, Windows 8, Windows 8.1, and Windows 10 preinstalled. An attacker could exploit the vulnerability to execute...
FBI Sinkholes $38M Global Ad Fraud Operation
The FBI has taken control of 31 web domains in a widespread takedown of a multi-year, global ad fraud campaign, believed to have stolen at least $38 million, partly via a botnet strategy. In addition, eight defendants face a 13-count indictment from a federal court in Brooklyn in the case. The...