16 matches found
EUVD-2020-28722
Malware in sbrugna...
EUVD-2021-0810
Malware in sbrugna...
EUVD-2020-28725
Malware in sbrugna...
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also...
VX-API - Collection Of Various Malicious Functionality To Aid In Malware Development
The VX-API is a collection of malicious functionality to aid in malware development. It is recommended you clone and/or download this entire repo then open the Visual Studio solution file to easily explore functionality and concepts. Some functions may be dependent on other functions present with...
Malicious PyPI Packages Using Compiled Python Code to Bypass Detection
Researchers have discovered a novel attack on the Python Package Index PyPI repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode PYC files can be directly...
Plugins can be abused, custom FERC1155 Token can be abused
Lines of code Vulnerability details Impact HIGH - Assets can be stolen/compromised/lost directly. The creator of vault can add any functionality they want by plugins. Also they can bring any tokens for the vault. It can be used against users, or it will make exploits easier to execute. Proof of...
NIST Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks
The National Institute of Standards and Technology NIST on Thursday released an updated cybersecurity guidance for managing risks in the supply chain, as it increasingly emerges as a lucrative attack vector. "It encourages organizations to consider the vulnerabilities not only of a finished produ...
Remote Code Execution and download tracking in Mintegral SDK
"This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google...
Code injection
This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners advertisers can remotely execute arbitrary code on a user device...
Design/Logic Flaw
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Do...
CVE-2020-7744 Information Exposure
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Do...
CVE-2020-7744
CVE-2020-7744 affects all versions of the com.mintegral.msdk:alphab component in the Android Mintegral SDK. Connected sources describe a malicious module that monitors downloads from Google domains or Google apps and from APKs, then exfiltrates the captured data to Mintegral’s servers, continuing...
CVE-2020-7705
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
CVE-2020-7705 Malicious Package
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
Fake Skype, Signal Apps Used to Spread Surveillanceware
Cybercriminals are increasingly peddling booby-trapped version of popular apps such as Skype and Signal that contain surveillanceware. Apurva Kumar, security intelligence engineer at Lookout, said that one such surveillanceware family that’s been spotted using this tactic is Monokle, a...