Lucene search
+L

62 matches found

thn
thn
added 2013/03/21 6:29 a.m.11 views

South Korea Cyber Attack, Wiper malware and Chinese IP Address

Yesterday we reported about a massive Cyber attack on South Korea that was responsible for shutting down networks of South Korean banks and TV broadcasters. Police are still investigating the cyber attack but the country's Communications Commission has revealed that the hacking originated from a...

7AI score
Exploits0
threatpost
threatpost
added 2012/08/16 11:27 p.m.9 views

Shamoon Malware Steals Data, Overwrites MBR

A new piece of malware known as Shamoon that has the ability to destroy files on infected machines and overwrite the master boot record has researchers scratching their heads, wondering what the tool’s purpose might be and why the attackers behind it would destroy infected PCs. There are some...

0.5AI score
Exploits0References2
thn
thn
added 2012/04/13 10:41 a.m.8 views

Ransomware replaces Windows MBR and asking users for Money

Ransomware replaces Windows MBR and asking users for Money Security researchers from TrendMicro, F-Secure and Dr. Web have intercepted two new ransomware variants currently circulating in the wild. This new ransomware variant prevents infected computers from loading Windows by replacing their...

7.1AI score
Exploits0
thn
thn
added 2011/09/19 6:19 p.m.10 views

BIOS based Virus discovered by Chinese Security Firm

BIOS based Virus discovered by Chinese Security Firm A Chinese AV company 360 discovered a new Trojan, the "BMW Virus" also called Mebromi, that can actually infect a computers BIOS: "BMW 360 Security Center virus is the latest catch of a high-risk virus, the virus that infected a chain BIOS...

6.9AI score
Exploits0
threatpost
threatpost
added 2011/08/09 4:35 p.m.22 views

Symantec: Boot Sector Malware In Vogue

HED: Symantec: Boot Sector Malware Back In Style DEK: Malware writers are turning to boot record malware to infect systems – a throwback to earlier forms of malware. What’s old is new again. This time it’s boot sector malware – fashionable around the turn of the Millenium – that’s making a...

7.1AI score
Exploits0References3
checkpoint_advisories
checkpoint_advisories
added 2011/07/04 12:0 a.m.2 views

Rootkit: TDLv4

TDL-4 is the fourth generation of the TDL botnet, originated in 2008. The TDL-4 botnet could be used to send out spam, steal individuals data or used for malicious attacks. TDL-4 features an improved algorithm that encrypts communications between infected computers and the botnet's C&C.; TDL-4 al...

6.9AI score
Exploits0
thn
thn
added 2011/04/06 5:25 a.m.6 views

New Chinese MBR Rootkit Identified

A new rootkit that uses the master boot record MBR to hide itself has been discovered in China and is being used to install an online game password stealer. The bootkit is installed on the computer by a trojan downloader distributed from a Chinese adult site and is detected by Kaspersky as...

7.1AI score
Exploits0
threatpost
threatpost
added 2011/04/05 3:51 p.m.14 views

Virus Watch: The Chinese Bootkit

We recently discovered a new bootkit, i.e. a malicious program which infects the hard drive’s boot sector. Kaspersky Lab detects it as Rookit.Win32.Fisp.a. The bootkit is distributed by Trojan-Downloader.NSIS.Agent.jd. The Trojan infects the computers of users who try to download a video clip fro...

6.9AI score
Exploits0References4
zdt
zdt
added 2010/01/15 12:0 a.m.23 views

linux/x86 overwrite MBR on /dev/sda with `LOL!` 43 bytes

Exploit for linux/x86 platform in category shellcode ======================================================== linux/x86 overwrite MBR on /dev/sda with LOL! 43 bytes ======================================================== ; linux/x86 overwrite MBR on /dev/sda with LOL! 43 bytes section .text glob...

7AI score
Exploits0
exploitdb
exploitdb
added 2010/01/15 12:0 a.m.33 views

linux/x86 overwrite MBR on /dev/sda with `LOL!' 43 bytes

linux/x86 overwrite MBR on /dev/sda with LOL!' 43 bytes. Shellcode exploit for linx86 platform ; linux/x86 overwrite MBR on /dev/sda with LOL!' 43 bytes ; root@thegibson ; 2010-01-15 section .text global start start: ; open"/dev/sda", OWRONLY; mov al, 5 xor ecx, ecx push ecx push dword 0x6164732f...

7.4AI score
Exploits0
threatpost
threatpost
added 2009/03/18 4:0 p.m.7 views

The Ryan & Roel Show Episode 1

Welcome to the Show – Mon, October 20 2008 In this show, we introduce ourselves and recap the Virus Bulletin 2008 conference. We talk about the MBR Trojan bootkit, the controversy surrounding anti-virus testing standards, information on the blackmarket for online gaming passwords and some data fr...

3.5AI score
Exploits0References1
securityvulns
securityvulns
added 2008/09/01 12:0 a.m.45 views

[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- iViZ Security Advisory 08-003 25/08/2008 - ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com -...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2008/09/01 12:0 a.m.28 views

[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- iViZ Security Advisory 08-007 25/08/2008 - ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com -...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2008/08/26 12:0 a.m.35 views

[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage

----------------------------------------------------------------------- iViZ Security Advisory 08-006 25/08/2008 ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2008/08/26 12:0 a.m.40 views

[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage

----------------------------------------------------------------------- iViZ Security Advisory 08-009 25/08/2008 ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com...

0.1AI score
Exploits0
prion
prion
added 2007/07/27 10:30 p.m.15 views

Design/Logic Flaw

Guidance Software EnCase does not properly handle 1 certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; 2 NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...

5CVSS6.7AI score0.02202EPSS
Exploits0References7
nvd
nvd
added 2007/07/27 10:30 p.m.15 views

CVE-2007-4035

Guidance Software EnCase does not properly handle 1 certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; 2 NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...

5CVSS6.3AI score0.02202EPSS
Exploits0References7
cve
cve
added 2007/07/27 10:0 p.m.51 views

CVE-2007-4035

Guidance Software EnCase is affected by CVE-2007-4035 and related CVE-2007-4201 issues. The flaws involve improper handling of (1) malformed MBR partition tables with many entries that can prevent logical collection of a disk image, (2) NTFS filesystems with directory loops that can block examina...

5CVSS6.5AI score0.02202EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2007/07/27 10:0 p.m.20 views

CVE-2007-4035

Guidance Software EnCase does not properly handle 1 certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; 2 NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...

6.3AI score0.02202EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2007/07/27 12:0 a.m.5 views

PT-2007-5243 · Guidance · Encase

Name of the Vulnerable Software and Affected Versions: Guidance Software EnCase affected versions not specified Description: The issue arises from the improper handling of certain malformed MBR partition tables and NTFS filesystems. This allows remote attackers to prevent the logical collection o...

5CVSS6.8AI score0.02202EPSS
Exploits0References9
Rows per page
Query Builder