43 matches found
EUVD-2008-6697
Malware in sbrugna...
EUVD-2008-6672
Malware in sbrugna...
Unveiling the Deceptive Dance: Phobos Ransomware Masquerading As VX-Underground
During a recent hunt, Qualys Threat Research has come across a ransomware family known as Phobos, impersonating VX-Underground. Phobos ransomware has been knocking on our door since early 2019 and is often seen being distributed via stolen Remote Desktop Protocol (RDP) connections. Strongly believe...
Crysis Threat Actors Unleash Venus Ransomware via RDP
Threat Level Attack Report. Summary: The threat actors behind the Crysis ransomware are currently utilizing the Venus ransomware as a component of their attack strategy, with a primary focus on targeting vulnerable systems through active...
Actors, Threats and Vulnerabilities 23 January 2023 – 29 January 2023
Summary: Hive Pro discovered four actors that have been active in the past week. The first, APT40 and Tick, are well-known Chinese threat actors known for information theft and...
CrySIS Ransomware A Long-Standing Threat with a New Twist
Threat Level Attack Report. Summary: The ransomware family CrySIS, dubbed Dharma, has been advancing since 2016. Its source code was made available to the public, enabling others to customize it for their use. The criminals behind the malwa...
Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11
Microsoft is now taking steps to prevent Remote Desktop Protocol (RDP) brute-force attacks as part of the latest builds for the Windows 11 operating system in an attempt to raise the security baseline to meet the evolving threat landscape. To that end, the default policy for Windows 11 builds –...
Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses
CrySIS, aka Dharma, is a family of ransomware that has been evolving since 2006. We have noticed that this ransomware has become increasingly active lately, increasing by a margin of 148 percent from February until April 2019. The uptick in detections may be due to CrySIS' effective use of multip...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Keys for Dharma Ransomware Released
Victims of the Dharma strain of ransomware can now get their files back, free of charge. Decryption keys for the ransomware were added to the Kaspersky Lab’s Rakhni decryptor tool Thursday morning. Dharma ransomware .dharma decryptor released pic.twitter.com/sIQorypOzj — Anton Ivanov @antonivanov...
CrySis Ransomware Master Decryption Keys Released
The threat posed by a ransomware family known as CrySis was diminished considerably on Sunday when the master decryption keys were released to the public. Researchers at Kaspersky Lab said they have already folded the keys into the company’s Rakhni decryptor and victims of CrySis versions 2 and 3...
Crysis 1.21 - 'keyexchange' Packet Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29720/info Crysis is prone to an information-disclosure vulnerability caused by a design error. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Crysis 1.21 and prior...
Crysis 1.21/1.5 HTTP/XML-RPC Service Access Violation Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35735/info Crysis is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying further...
Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC
No description provided by source. The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP...
Crysis 1.21 - HTTP/XML-RPC Service Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29759/info Crysis is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying further...
Flaw Leaves EA Origin Platform Users Open to Attack
Five years ago, a pair of security researchers wrote a book called Exploiting Online Games in which they described a number of ways in which attackers could take advantage of weaknesses in the protection systems for various gaming platforms. Now, with online gaming having emerged as a massive...
Gaming Platforms as an attack vector against remote systems
Little more than a year ago I wrote about the possibility of attacking gaming platforms to compromise a large audience of gamers in a stealthy way; access to millions of machines represents a dream for every attacker, and I hypothesized its repercussions in cyber warfare domains. Gaming platform are...
Crysis 1.21/1.5 - HTTP/XML-RPC Service Access Violation Remote Denial of Service
source: https://www.securityfocus.com/bid/35735/info Crysis is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying further service to legitimate users. Given...
Crysis 1.21/1.5 - HTTP/XML-RPC Service Access Violation Remote Denial of Service
source: https://www.securityfocus.com/bid/35735/info Crysis is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to cra...
Information disclosure
Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information...