21 matches found
MAL-2025-21638 Malicious code in goldeneye (npm)
The package goldeneye was found to contain malicious code...
Malicious code in goldeneye (npm)
The package goldeneye was found to contain malicious code...
Malicious code in eslint-config-goldeneye (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11347 Malicious code in eslint-config-goldeneye (npm)
--- -= Per source details. Do not edit below this line.=-...
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Indian security firm under scrutiny, according to an in-depth analysis from SentinelOne, began as a...
K57181937: Multiple Microsoft SMB (Wannacry/Wannacrypt/Petya/Goldeneye) vulnerabilities
Security Advisory Description: CVE-2017-0143: The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to...
Exploit for CVE-2015-1328
CVE-2015-1328-GoldenEye about exploit: The overlayfs imple...
DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms
An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea. "The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center (ASEC) said in a ne...
CVE-2017-2697
The goldeneye driver in NMO-L31C432B120 and earlier versions, NEM-L21C432B100 and earlier versions, NEM-L51C432B120 and earlier versions, KNT-AL10C746B160 and earlier versions, VNS-L21C185B142 and earlier versions, CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has buffer...
Bye, bye Petya! Decryptor for old versions released.
Following the outbreak of the Petya-based malware in Ukraine, the author of the original version, Janus, decided to release his master key, probably closing the project. You can read the full story here. Based on the released key, we prepared a decryptor that is capable of unlocking all the...
Keeping up with the Petyas: Demystifying the malware family
Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the background of the Petya family. The origin of Petya...
Decryption Key to Original Petya Ransomware Released
The master key to the original version of the Petya ransomware – not to be confused with the latest and massive Petya/ExPetr outbreak that swept through the Ukraine and parts of Europe last month – has been released, allowing all the victims of previous Petya attacks to unscramble their encrypted...
The key to old Petya versions has been published by the malware author
As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor (read more here). As a result of the recent events, Janus probably decided to shut down the Petya project. Similarly to th...
GoldenEye Malware
I don't have anything to say -- mostly because I'm otherwise busy -- about the malware known as GoldenEye, NotPetya, or ExPetr. But I wanted a post to park links. Please add any good relevant links in the comments...
EternalPetya – yet another stolen piece in the package?
Since June 27th we have been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that this malware is a rip-off of the original Petya, while others think that it is...
EternalPetya and the lost Salsa20 key
We have recently been facing a huge outbreak of a new Petya-like malware armed with an infector similar to WannaCry. The research is still in progress, and the full report will be published soon. In this post, we will focus on some new important aspects of the current malware. The low-level attac...
Massive Goldeneye Ransomware Attack Hits Users Worldwide
By Waqas. Computer systems around the world have been hit with a new ransomware malware called Goldeneye, a variant of Petya ransomware. Its targets are governments and businesses; infecting computers and files to lock out users and demanding $300 in Bitcoin to regain access. Upon infecting a syst...
Huawei Mobile Goldeneye Driver Buffer Overflow Vulnerability
Huawei GT3, Honor 5C, Honor V8, P9 Lite, and Y6 II are smartphone products of Huawei China. A buffer overflow vulnerability exists in the Goldeneye driver of Huawei phones, which can be exploited by an attacker to trick a user into installing a malicious application that sends specific parameter...
GoldenEye Denial of Service Tool
GoldenEye is a denial-of-service attack tool associated with malicious activity. The tool crafts and sends multiple HTTP requests that can potentially cause attacked systems to become temporarily unresponsive...
VLC Media Player 1.0.5 (Goldeneye) Buffer Overflow
There is a vulnerability in VLC Media Player v1.0.5 Goldeneye when handling M3U files with the ftp:// URI handler. When we open the malicious file, our EDX and EBP registers point to the user-supplied data, which might lead to code execution. State of the registers when we open the malicious file is: EAX...