22 matches found
EUVD-2015-2328
Malware in sbrugna...
Ukraine Arrests Cryptor Specialist Aiding Conti and LockBit Ransomware
Ukrainian Police have arrested a ransomware cryptor developer in connection with the notorious Conti and LockBit groups. This arrest was the result of Operation Endgame, a major operation that aims to dismantle key elements of these cybercriminal organizations...
Why Malware Crypting Services Deserve More Scrutiny
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently...
AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...
SUSE CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
Information Disclosure
shenyu-plugin-cryptor is vulnerable to information disclosure. The vulnerability exists due to insufficiently protected credentials in the library, allowing an attacker to gain users' sensitive information through the HTTP response...
detherjs (>=4.2.3 <=4.2.15), secure-cookies-js (>=1.0.0 <=1.1.1) +1 more potentially affected by unknown CVE via simple-crypto-js (>=1.1.0 <=1.1.1)
simple-crypto-js NPM version =1.1.0, =4.2.3, =1.0.0, =0.1.1, =0.1.2 Source cves: unknown CVE Source advisory: OSV:GHSA-5V7R-JG9R-VQ44...
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
ARCHIVED STORY Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims By John Fokker · October 30, 2018 Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future’s version of this analysis. Rising from the deep, Kraken Cryptor ransomware has...
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
ARCHIVED STORY Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims By John Fokker · October 30, 2018 Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future’s version of this analysis. Rising from the deep, Kraken Cryptor ransomware has...
The return of Fantomas, or how we deciphered Cryakl
In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys to our experts, who used them to update the free RakhniDecryptor tool for recovering files encrypted by the malware. The ransomware, which for year...
A week in security (July 2 – July 8)
Last week, we tracked back a large mining operation from their Coinhive shortlink, we took a look at online project management tools, we described a new macro-less technique to distribute malware, and talked about a Mac malware that targets crypto-mining users. Other news: Huawei enterprise comms...
ClamAV < 0.98.7 Multiple DoS Vulnerabilities - Windows
ClamAV is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...
ClamAV < 0.98.7 Multiple DoS Vulnerabilities - Linux
ClamAV is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...
CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
DEBIAN-CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
Design/Logic Flaw
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
CVE-2015-2221
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file...
clamav: multiple issues
CVE-2015-2170 (denial of service): A flaw has been found in the UPX decoder with crafted files. During unpacking there are two range checks which are implemented "manually". Those checks lack the detection of overflows which are considered by the CLI_ISCONTAINED macro. - CVE-2015-2221 denial of...