infect-era.eu Improper Access Control vulnerability OBB-3824686

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

TargetCompany Ransomware Abuses FUD Obfuscator Packers

In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable FUD obfuscator engine BatCloak to infect vulnerable systems...

Malicious code in siimplejson (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 316b060e9aec636c2669e08548409e9fc974ed99179f2eacb655d6e1638f3cbd Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in matlotlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d6be1dfc396c618352f2e1c3b411654c89c618a47b5c2ffd778fd51a6e18188d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Hackers using malicious CV files to infect PCs with banking trojan

By Deeba Ahmed Here's why one should never open unknown files sent by anonymous users. This is a post from HackRead.com Read the original post: Hackers using malicious CV files to infect PCs with banking trojan...

New Android ransomware uses pornographic posts to infect devices

By Uzair Amir The new Android ransomware was initially spread through Reddit and XDA-Developers' forum. This is a post from HackRead.com Read the original post: New Android ransomware uses pornographic posts to infect devices...

SpeakUp Linux Backdoor Sets Up for Major Attack

LAS VEGAS — A backdoor trojan dubbed “SpeakUp” has been spotted exploiting the Linux servers that run more than 90 percent of the top 1 million domains in the U.S. It uses a complex bag of tricks to infect hosts and to propagate, which analysts say could indicate that it’s poised for a major...

CVE-2017-16127

The CVE-2017-16127 entry concerns the npm package pandora-doomsday, a malicious module that infects other packages. According to connected advisories, it adds itself to the package.json of other packages discovered on the victim host and attempts to publish the package, effectively compromising p...

Malicious Module

pandora-doomsday and test-module-a are modules which can infect other modules. During installation, the module runs a postinstall script that adds the package's author mr-robot as an owner to every other package owned by the user that ran the npm install method...

Angelfire: CIA’ Undetectable Implants Infect Windows Boot Sector

By Uzair Amir WikiLeaks suffered a cyber attack earlier today, but that couldnt stop the whistleblowing platform This is a post from HackRead.com Read the original post: Angelfire: CIA Undetectable Implants Infect Windows Boot Sector...

Lenovo ThinkPad BIOS System Management Mode Arbitrary Code Execution Vulnerability

BIOS Basic Input/Output System i.e. Basic Output Input System is the most basic software code loaded on the computer hardware system. The Lenovo ThinkPad BIOS has a security vulnerability that can be exploited by an attacker with local administrative access to execute arbitrary code, disable flas...

This Malware Can Secretly Auto-Install any Android App to Your Phone

Own an Android Smartphone? Hackers can install any malicious third-party app on your smartphone remotely even if you have clearly tapped a reject button of the app. Security researchers have uncovered a trojanized adware family that has the capability to automatically install any app on an Androi...

Portable router storage 0 DAY vulnerability that hackers can steal the privacy-vulnerability warning-the black bar safety net

Tenda router 4G301 model the presence of memory-typeXSScross-site scripting vulnerability vulnerability number: RSV-2 0 1 4-0 0 1 River. Rising security experts, the vulnerability is currently no official patch, belonging to the 0 DAY vulnerability, an attacker can carefully construct a malicious...

Threat Outbreak Alert: Fake Bank Account Deposit Notification Email Messages on March 17, 2014

Medium Alert ID: 33361 First Published: 2014 March 17 14:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain a bank deposit notification for the recipient. The text in the email message attempts to...

Threat Outbreak Alert: Fake Product Invoice Email Messages on March 4, 2014.

Medium Alert ID: 33173 First Published: 2014 March 5 14:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product invoice for the recipient. The text in the email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Fake Fund Transfer Notification Email Messages on December 5, 2013

Medium Alert ID: 32058 First Published: 2013 December 6 15:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain payment transfer details for the recipient. The text in the e-mail message attempts to...

Threat Outbreak Alert: Fake Picture Purchase Request Email Messages on November 12, 2013

Medium Alert ID: 31726 First Published: 2013 November 12 21:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product request for the recipient. The text in the email message attempts to convince the recipient to open...

Threat Outbreak Alert: Fake Photo Sharing Email Messages on March 18, 2014

Medium Alert ID: 31006 First Published: 2013 September 28 05:14 GMT Last Updated: 2014 March 19 13:52 GMT Version: 5 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain a personal photo for the recipient. The text in the...

Threat Outbreak Alert: Fake Order Information Email Messages on August 6, 2013

Medium Alert ID: 30089 First Published: 2013 July 15 20:29 GMT Last Updated: 2013 August 6 16:10 GMT Version: 6 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain the answer about an online profile for the recipient. The...

Threat Outbreak Alert: Fake Money Transfer Notification Email Messages on April 7, 2014

Medium Alert ID: 26690 First Published: 2012 August 20 19:55 GMT Last Updated: 2014 April 8 13:28 GMT Version: 78 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a copy of a money transfer receipt for the recipient. The email message...