EUVD-2016-3352
Malware in sbrugna...
K13838: XSS vulnerability CVE-2012-2975
Security Advisory Description: A cross-site scripting (XSS) vulnerability exists on the BIG-IP ASM traffic overview page. Malicious request URLs may be exposed in the Configuration utility without proper sanitization. CVE-2012-2975. Impact: Privileged root access may be granted to unauthenticated user...
State-backed hacking group from China is targeting the Russian military
In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian military in recent cyberattacks. Tracked as Bronze President, Mustang Panda, RedDelta, and TA416, the group has focused mainly on Southeast Asian targets—and more...
Unpatched SMB Zero Day Easily Exploitable
In what’s turning out to be the zero day that keeps on giving, researchers are still finding ways to exploit an unpatched denial of service vulnerability that exists in the way Windows implements the Server Message Block protocol. Details around the bug aren’t a mystery. Laurent Gaffié, the...
Turning Tables on Nigerian Business Email Scammers
SAN FRANCISCO – Traditional takedowns of cybercrime enterprises generally rely on court orders that facilitate either taking servers offline or sending the criminals malware that helps identify them or their locations. Sometimes, however, the technical option is second best. Researchers at Dell...
Dell SecureWorks app for iOS Man-in-the-Middle Attack Vulnerability
The Dell SecureWorks app for iOS is a suite of iOS-based mobile applications from Dell Inc. for accessing Dell SecureWorks' security information. A man-in-the-middle attack vulnerability exists in the Dell SecureWorks app for iOS prior to version 2.1. The vulnerability can be exploited by an...
CVE-2016-2268
Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Emissary Panda APT Group Gets Selective About Data it Steals
LAS VEGAS – The Emissary Panda APT group has a long history of invading Western organizations—be they enterprises, government or political outfits—hungry for reams of intellectual property. Lately the group, however, has become a little more selective about what it steals. Researchers at Dell...
Stegoloader Malware Uses Steganography to Hide Itself
Malware writers aren’t hesitant to do what it takes to protect a campaign and keep it hidden from detection technologies and security researchers. The group behind the Stegoloader malware, disclosed Monday by researchers at Dell SecureWorks, has taken to digital steganography to keep its...
Skeleton Key Malware Bypasses Active Directory Authentication
Enterprise Active Directory administrators need to be on the lookout for anomalous privileged user activity after the discovery of malware capable of bypassing single-factor authentication on AD that was used as part of a larger cyberespionage campaign against a global company based in London...
CryptoWall Ransomware Earns $1.1M, Encrypts 5 Billion Files
CryptoWall is a million-dollar business. The file-encrypting ransomware has netted the criminal gang responsible for its development and dispersal, more than $1.1 million in the six months it’s been in the wild, researchers at Dell SecureWorks’ Counter Threat Unit said in a report this week. The...
Open Web Analytics 1.5.4 - owa_email_address SQL Injection
Open Web Analytics 1.5.4 - owa_email_address SQL Injection """ Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL:...
GameOver Zeus Now Using Encryption to Bypass Detection
Cybercriminals have begun to tweak the way the GameOver Zeus Trojan is being delivered to users’ machines, making it easier for the banking malware to evade detection and steal victims’ credentials. To get the job done the malware has been working in tandem with the malware Upatre. For about a we...
Peer-to-Peer Botnet Takedowns a Challenge
The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...
Gameover Zeus Variant Sends Malicious Email Via Cutwail Botnet
The crew responsible for operating the Gameover variant of the infamous Zeus banking trojan is soliciting the enormous Cutwail botnet’s spamming capacity as an engine to fire off millions of malicious emails that seemingly originate from a number of recognizable U.S. banks. The fraudulent emails...
SOL13838 - XSS vulnerability CVE-2012-2975
Vulnerability Recommended Actions: To eliminate this vulnerability, upgrade to a version or hotfix that is listed in the Versions known to be not vulnerable column in the previous table. Acknowledgements: F5 would like to acknowledge Roger Wemyss with Dell SecureWorks for his efforts in identifying...
Joe Stewart on APTs and Cyber Espionage
Dennis Fisher talks with Joe Stewart of the Dell SecureWorks Counter Threat Unit about his team’s new research on the landscape of APT malware families, who is behind the use of these tools and how poorly prepared most organizations are for attacks by these crews. Download: digitalunderground101...
Imperva SecureSphere management GUI contains an XSS vulnerability
Overview: An XSS vulnerability exists in the Imperva SecureSphere management GUI. Description: Dell SecureWorks' SWRX-2011-001 advisory states: "A vulnerability exists in Imperva SecureSphere due to improper validation of user-controlled input. User-controllable input is not properly sanitized for...