APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat

APT10 Background APT10 MenuPass Group is a Chinese cyber espionage group that FireEye has tracked since 2009. They have historically targeted construction and engineering, aerospace, and telecom firms, and governments in the United States, Europe, and Japan. We believe that the targeting of these...

Andrew Macpherson on Intelligence Gathering with Maltego

Ryan Naraine talks with Operations Manager at Paterva Andrew Macpherson who outlines the details of the “Digital Intelligence Gathering using Maltego” course being offered at the SAS 2017 and talks about the benefits for data mining by pen testers, malware analysts and law enforcement agencies...

Zcash Spurs Rash of Malicious Mining Software

Cybercriminals are targeting computers with malicious mining software thanks in part to the appeal of a new cryptocurrency called Zcash that claims to cloak the sender, the recipient and value of transactions. That type of anonymity is not afforded by Bitcoin and is sought after by crooks, said...

Malicious Cryptocurrency Mining tool turns Computers into Zcash Mining Machines

Since its launch over a month ago, new virtual currency Zcash ZEC has become a significant way for cybercrooks to make money by infecting computers with software mining program. Launched in late October, Zcash ZEC is a new cryptocurrency currency that claims to be more anonymous than Bitcoin, as...

Microsoft Shares Telemetry Data Collected from Windows 10 Users with 3rd-Party

Cyber security is a major challenge in today's world, as cyber attacks have become more automated and difficult to detect, where traditional cyber security practices and systems are no longer sufficient to protect businesses, governments, and other organizations. In past few years, Artificial...

Unmasking xDedic's Black Market for Servers and PCs

LAS VEGAS — Black market machine trading of PC and server resources is maturing at alarming speeds. Underground networks such as xDedic have fine-tuned their compute platform to the point where they are almost indistinguishable to legitimate networks such as Amazon Web Services and Rackspace. Tho...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

Open Source Intelligence and Forensics : Maltego

Maltego is an open source intelligence and forensics application Maltego is a visual link analysis tool that, out the box, comes with open source intelligence OSINT plugins, called transforms. The tool offers real-time data mining and information gathering as well as the representation of this...

SQL Injection Vulnerability in the 'id' parameter of the mining system of Shenzhen Jishu Communication Co.

Ltd. is a communication enterprise providing communication services and communication products. A SQL injection vulnerability exists in the program mining system of Shenzhen Jishu Communication Co. The lack of filtering of the 'id' parameter allows an attacker to exploit the vulnerability to obta...

SQL Injection Vulnerability in the 'classid' parameter of the mining system of Shenzhen Jishu Communication Co.

Ltd. is a communication enterprise providing communication services and communication products. A SQL injection vulnerability exists in the program mining system of Shenzhen Jishu Communication Co. The lack of filtering of the 'classid' parameter allows an attacker to exploit the vulnerability to...

SQL injection vulnerability in the 'atdid' parameter of the mining system of Shenzhen JTS Communications Co.

Ltd. is a communication enterprise providing communication services and communication products. A SQL injection vulnerability exists in the program mining system of Shenzhen Jishu Communication Co. The lack of filtering of the 'atdid' parameter allows an attacker to exploit the vulnerability to...

SQL injection vulnerability in the 'merid' parameter of the mining system of Shenzhen Jishu Communication Co.

Ltd. is a communication enterprise providing communication services and communication products. A SQL injection vulnerability exists in the program mining system of Shenzhen Jishu Communication Co. The lack of filtering of the 'merid' parameter allows an attacker to exploit the vulnerability to...

Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares

Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit This particular vulnerability makes it possible to force a Stratum Mining Pool to accept "invalid" shares by the thousands for each mining pool round. It is possible to make pure money from this vulnerability. The exploit is real but...

The HinterLands: Mining Game - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application The HinterLands: Mining Game published at the 'play' market has multiple vulnerabilities...

IBM SPSS Modeler Information Disclosure Vulnerability

IBM SPSS Modeler formerly known as Clementine is a set of data mining platforms from the American company IBM. The platform provides a visual environment for rapid model building, and provides functions such as data source connection, data processing, modeling and analysis. A security vulnerabili...

Wanna Mine Bitcoins Faster? Researchers Find New Way to Do it

A new machine for Bitcoin Mining called "Approximate Hardware" would make Bitcoin mining easier. Bitcoin had gained tremendous popularity over a few couple of years among the virtual currencies due to its decentralized principle. Mining a single Bitcoin is not an ice cake walk, as it requires an...

WinREST Remote Privilege Escalation

So a year back I was massively scanning internet. This case ISPs IPs blocks where you can find easily at RIPE for example. Then I found some interesting hosts where SMB were open and the ACL is totally open to root file system with the same netbios name. All file system is writable. I was able to...

Solr 3.5.0 - Arbitrary Data Deletion

Solr 3.5.0 - Arbitrary Data Deletion Exploit Title: All Solr Data Can Be Delete Google Dork: intext:Schema Config Analysis Schema Browser Statistics Info Distribution Ping Logging Date: 5/2/2016 Exploit Author: N37 Myanmar Vendor Homepage: http://lucene.apache.org/solr/ Software Link:...