62 matches found
MAL-2025-23144 Malicious code in india-mbr-project (npm)
The package india-mbr-project was found to contain malicious code...
QEMU: improper IDE controller reset can lead to MBR overwrite
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead, potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1)...
Moderate: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2023-5088 Qemu: improper ide controller reset can lead to mbr overwrite
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead, potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1)...
Moderate: Red Hat Security Advisory: gdisk security update
An update for gdisk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2022:7700 Moderate: gdisk security update
The gdisk packages provide the gdisk partitioning utility for GUID Partition Table (GPT) disks. The utility features a command-line interface similar to fdisk, direct manipulation of partition table structures, recovery tools to deal with corrupt partition tables, and the ability to convert Master...
Return of Pseudo Ransomware
By Trellix, Max Kersten and Raj Samani · January 20, 2022. Arnab Roy, Filippo Sitzia and Mo Cashman contributed to the research supporting this blog. Recent news reports of a “ransomware” campaign targeting Ukraine have resulted in significant press coverage regarding not...
Destructive malware targeting Ukrainian organizations
Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and...
ESPecter Bootkit Malware Haunts Victims with Persistent Espionage
A rare Windows UEFI bootkit malware has been discovered, offering attackers a path to cyber-espionage, researchers are warning. According to ESET, the bootkit’s goal is to install a full featured backdoor on a target PC, which “supports a rich set of commands and contains various automatic data...
FinSpy: unseen findings
FinSpy, also known as FinFisher or Wingbird, is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware since 2011. Historically, its Windows implant was distributed through a single-stage installer. This version was detected and researched several times up to...
Security Bulletin: Vulnerabilities in util-linux affect Power Hardware Management Console (CVE-2016-5011)
Summary: util-linux is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2016-5011. DESCRIPTION: Util-linux is vulnerable to a denial of service, caused by an error when parsing Master Boot Record (MBR) record. By connecting a devic...
Ventoy - A New Bootable USB Solution
Ventoy is an open source tool to create a bootable USB drive for ISO/WIM/IMG/VHDx/EFI files. With Ventoy, you don't need to format the disk over and over; you just need to copy the image files to the USB drive and boot it. You can copy many image files at a time and Ventoy will give you a boot menu...
[ASA-202101-34] gptfdisk: arbitrary code execution
Arch Linux Security Advisory ASA-202101-34. Severity: Medium; Date: 2021-01-20; CVE-ID: CVE-2021-0308; Package: gptfdisk; Type: arbitrary code execution; Remote: No; Link: https://security.archlinux.org/AVG-1435. Summary: The package gptfdisk before...
Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs
Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at...
Wiper Malware Called "Coronavirus" Spreads Among Windows Victims
A new Windows malware has emerged that makes disks unusable by overwriting the master boot record (MBR). It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that...
Threat Analysis Unit (TAU) Threat Intelligence Notification: CoronaVirus Ransomware
"CoronaVirus" Ransomware has been found distributed via a phishing website. The malicious website will distribute a trojan downloader which then leads to downloading additional malicious payloads: the Kpot InfoStealer and Coronavirus Ransomware. "CoronaVirus" Ransomware will perform the deletion ...
OATmeal on the Universal Cereal Bus: Exploiting Android phones over USB
Posted by Jann Horn, Google Project Zero. Recently, there has been some attention around the topic of physical attacks on smartphones, where an attacker with the ability to connect USB devices to a locked phone attempts to gain access to the data stored on the device. This blogpost describes how...
[SECURITY] Fedora 26 Update: fedora-arm-installer-2.1-1.fc26
Allows one to first select a source image (local or remote). The image must be a binary file containing: MBR + Partitions + File Systems + Data. A destination block device should then be selected for final installation...
mbrrecruitment.com XSS vulnerability
Open Bug Bounty ID: OBB-447397. Affected Website: mbrrecruitment.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...