11 matches found
Backdoor.Win32.PoisonIvy.ymw MVID-2024-0688 Insecure Credential Storage
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.PoisonIvy.ymw Vulnerability: Insecure Credential Storage Family: PoisonIvy Type:...
NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers
A new cyber espionage group named Gelsemium has been linked to a supply chain attack targeting the NoxPlayer Android emulator that was disclosed earlier this year. The findings come from a systematic analysis of multiple campaigns undertaken by the APT crew, with evidence of the earliest attack...
A New Software Supply‑Chain Attack Targeted Millions With Spyware
Cybersecurity researchers today disclosed a new supply chain attack targeting online gamers by compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign...
MalConfScan - Volatility Plugin For Extracts Configuration Data Of Known Malware
MalConfScan is a Volatility plugin that extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In addition, this tool has a function ...
Cellular networks under fire from Soft Cell attacks
We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone...
Chinese Groups Found Targeting Govt, Military Systems
Two Chinese cyber espionage campaigns are working in tandem in hopes of sniffing out trade secrets from surrounding nations. Researchers from FireEye outlined information about the two attack groups yesterday in advance of a more comprehensive report. One of the groups, Moafree, operates out of t...
IE 8 0Day in Sunshop Targeted Espionage Malware Campaign
Lady Boyle seems to have an admirer. Malware named after a character in the Dishonored video game continues to pop up in targeted attacks against a number of high profile military and socially motivated websites. The latest surfaced about 10 days ago in an attack researchers at FireEye are callin...
New Zero-Day Vulnerability Found in Java 5, 6 and 7; 1.1 Billion Desktops Affected
Just when you thought it was safe to go back to using Java, security researchers have found another gaping hole that could impact potentially more than 1.1 billion desktops running the Oracle-owned platform. A critical vulnerability in all of the latest versions of Java SE software was discovered...
Microsoft Will Patch IE Zero-Day on Friday; Fixit Available as Stopgap
Microsoft announced last night it would issue an out-of-band patch on Friday for a zero-day Internet Explorer vulnerability disclosed earlier this week. In the meantime, Microsoft made a FixIt available on Wednesday that would temporarily mitigate the threat posed by active exploits found in the...
Microsoft Targets SpyEye Trojan in Latest MSRT Update
The company takes aim at the ubiquitous SpyEye banking trojan with its free Malicious Software Removal Tool (MSRT), saying that the malware is more common than ever, and is being used to grab data from sensitive online sessions. In a blog post on Wednesday on the company’s Malware Protection Center...
New Attacks Targeting Adobe PDF Flaw
There is a new, targeted attack that is going after the Adobe Reader and Acrobat zero-day vulnerability that was disclosed last month. The attack uses a sophisticated JavaScript-based exploit that includes shell code that is just 38 bytes long. An analysis of the exploit by the SANS Internet Stor...