A simple example of a complex cyberattack

We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious...

Google Android Kernel Component Information Disclosure Vulnerability (CNVD-2016-12197)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. kernel is one of the kernels. An information disclosure vulnerability exists in the kernel component of Android. An attacker can exploit this vulnerability to obtain sensitive...

File overwrite and privilege escalation through Mozilla Windows updater — Mozilla

Security researcher Frédéric Hoguin reported a mechanism where the Mozilla Windows updater could be used to overwrite arbitrary files. He found that files extracted by the updater from a MAR archive are not locked for writing and can be overwritten by other processes while the updater is running....

File upload vulnerability example analysis-vulnerability warning-the black bar safety net

Principles File upload is a Web application that often appear in the function,it allows users to upload files to the server and saved to a specific location. This security is a very sensitive issue, once the malicious program is uploaded to the server and get the Execute permission, the...

Hacking Team Android browser attacks during the vulnerability analysis Stage 2-vulnerability warning-the black bar safety net

A, vulnerability introduction: Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through Javascript to the virtual memory wri...

Stagefright 2.0 vulnerability struck by the impact on the billion Android users-vulnerability warning-the black bar safety net

Android users Note:Due to the latest two latest stagefright vulnerability disclosure, estimated at more than 1 0 million Android users of the system will suffer this vulnerability. Yes, that stagefright vulnerability and return! This year 7 month, Zimperium company security researchers...

Hacking Team Android browser attacks during the vulnerability analysis Stage0-vulnerability warning-the black bar safety net

A, vulnerability introduction Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through javascript to the virtual memory writ...

Android devices frequently have pits: Certifi-gate vulnerability control-screen recording-vulnerability warning-the black bar safety net

! This month's black hat conference disclosure vulnerability Certifi-gate exposed android security repeatedly go wrong. The black bar safety net Encyclopedia: what is the Certifi-gate “Certifi-gate”is a vulnerability, this vulnerability exists in the Android phone remote support...

WordPress plug-in MailPoet memory vulnerabilities or cause the website to be black-and-vulnerability warning-the black bar safety net

7 in early May, according to security company Sucuri research report, downloaded over 1 7 0 million WordPress plug-in MailPoet was traced to the presence of security risks, may result in the site more likely to be a hacker hijacked, according to its indicates, is black the website is still growin...

BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open fil...

ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5716/info It has been reported that ascpu is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...

WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...

Zone Labs Zone Alarm 6.0 Advance Program Control Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/15347/info Zone Labs Zone Alarm is prone to a weakness that permits the bypassing of the Advanced Program Control protection. Reports indicate that applications can create a modal dialog box displaying HTML, which can the...

Volafox - Mac OS X & BSD Memory Analysis Toolkit

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this...

Safari Stores Previous Browsing Session Data Unencrypted

Users of Apple’s Safari browser are at risk for information loss because of a feature common to most browsers that restores previous sessions. The problem with Safari is that it stores session information including authentication credentials used in previous HTTPS sessions in a plaintext XML file...

Android ZIP文件提取classes.dex文件签名校验绕过漏洞

Google Android是一种以Linux为基础的开放源代码操作系统，主要使用于便携设备 Google Android在签名验证过程中，对Zip文件相应16位域的读取时，没有考虑到大于2^15的情况。通过构建特殊的classes.dex，可绕过签名校验，安装恶意程序 0 Google Android 4.2 厂商解决方案 目前没有详细解决方案提供： http://www.android.com/...

Android Malware that can DDoS Attacks from your smartphone

The Russian anti-virus vendor Doctor Web has found a new malicious program for Android which allows hacker groups to carry out mobile denial of service attacks. While it's not entirely clear how the Trojan is spread, researchers suspect that the attackers use social engineering tactics since the...

Virus conducting DDoS attack from infected systems

Russian anti-virus company Doctor Web is warning users about the malicious program which is helping attackers carry out mass spam mailings and allow attacker to use victim's PC as slave of his DDOS Army. According to researchers from the company they have discovered a Trojan "Trojan.Proxy.23012"...

miniFlame - A New cyber espionage malware discovered

Kaspersky has discovered new malware dubbed 'miniFlame', cyber espionage software directly linked to Flame. This new nation-state espionage malware that has ties to two previous espionage tools known as Flame and Gauss, and that appears to be a "high-precision, surgical attack tool" targeting...

Dark Comet RAT Tailored For Attacks On Gamers, Governments

Researchers analyzing the Dark Comet remote access Trojan RAT program say that data from more than 400 campaigns suggests the malicious program is being used for a wide range of jobs, from attacks on online gamers, to potential hacks of air force bases and government Web sites. In the blog entry,...