Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

Former Amazon employee Paige Thompson, who was arrested last month in relation to the Capital One data breach, has been accused of hacking not only the U.S. credit card issuer, but also more than 30 other companies. An indictment unsealed on Wednesday revealed that Thompson not just stole data fr...

CVE-2019-13405

A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...

Improper access control

A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...

CVE-2019-13405 Advan VD-1 allows a remote user to enable Android Debug Bridge without any authentication

A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...

CVE-2019-13405

CVE-2019-13405 affects AndroVideo Advan VD-1 firmware v230. The issue is broken access control allowing an unauthenticated POST to cgibin/AdbSetting.cgi to enable ADB, enabling the attacker to take control of the device as a relay or install mining software. The public docs do not provide a patch...

Cryptocurrency Mining Employees Expose Nuclear Plant to Internet

Xbox eavesdropping, email scammers, and more of the week's top security news...

Authorities arrest culprits for crypto mining at Ukraine nuclear plant

By Sudais Authorities have arrested several people for using a nuclear plant in South Ukraine for illegal crypto mining. This is a post from HackRead.com Read the original post: Authorities arrest culprits for crypto mining at Ukraine nuclear plant...

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added...

Carbon Black Threat Analysis Unit (TAU) Uncovers Significant Evolution of Popular Cryptomining Campaign Affecting More than 500,000 Computers

Carbon Black’s CB Threat Analysis Unit TAU has uncovered a secondary component in a well-known cryptomining campaign. The malware has been enhanced to also steal system access information for possible sale on the dark web. Combined together, this attack is being classified as “Access Mining.” Thi...

honggfuzz vulnerability mining technology principle analysis-vulnerability warning-the black bar safety net

Google AFLWinAFL, the libfuzzer and honggfuzz is the most famous of the three based on code coverage fuzzer is. Online on the AFLWinAFLanalysis of the articles more, and on the latter two Analysis Articles less. Before the spring brother has written about honggfuzz article: honggfuzz vulnerabilit...

RATs and stealers rush through “Heaven’s Gate” with new loader

By Holger Unterbrink and Edmund Brumaghin. Executive summary Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. Flying under the radar fo...

Ann Day honey network capture“use of the ElasticSearch Groovy vulnerability Monroe coin(Dog)mining”event analysis-vulnerability warning-the black bar safety net

1, Overview 2019 6 May 13, Ann Day honey network capture to use CVE-2015-1427ElasticSearch Groovyremote command execution vulnerability attacks. The vulnerability principle is Elaticsearch groovy as a scripting language, and based on the use of black and white lists of the sandbox mechanism to...

Router 0day vulnerability discovery practical-vulnerability warning-the black bar safety net

! Last year 7 month in the company's internal share over this issue, said to also almost a year, too lazy to now only issued to. In 2018, 3, 4 on more than two or three months time, spent more and more time to engage in a domestic router, dug some holes, after also don't get it. Also wrote a litt...

This Cryptomining Malware Launches Linux VMs On Windows and macOS

Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware. It may sound strange, but it's true. Dubbed "LoudMiner " and also "Bird Miner, " the attack leverages...

This Cryptomining Malware Launches Linux VMs On Windows and macOS

Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware. It may sound strange, but it's true. Dubbed "LoudMiner" and also "Bird Miner," the attack leverages...

News Wrap: Infosecurity Europe Highlights and BlueKeep Anxiety

This week, the focus was on Infosecurity Europe, which took place in London and showcased a myriad of sessions, threat research and trends in the cybersecurity space. During the Threatpost news wrap for the week ended June 7, the team breaks down the top news from the show, as well as other...

Hidden Bee: Let’s go down the rabbit hole

Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well as of a bootkit part. One of its unique features is a custom format used for some of the high-level elements this format was featured in my recent presentation at SAS...

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has...

vaeThink v1. 0. 1 code execution vulnerability mining analysis-vulnerability warning-the black bar safety net

0x01 introduction This article is for a niche CMS（vaeThink v1. 0. 1 for analysis, code execution vulnerability discovery and audit process of the record, the CMS is based on ThinkPHP5 development. As a code audit entry rookie, also want to be able to practice and learn the process of recording an...

Hackers Take Over IoT Devices to 'Click' on Ads

By 2025 there will be 25 billion internet of things IoT connections, according to GSMA Intelligence. And if hackers have it their way, many of those IoT devices will be hijacked and recruited into online pay-per-click advertising scams. At the Security Analyst Summit 2019, Threatpost sat down wit...