94 matches found
CVE-2022-47558 Improper Access Control in Ormazabal products
Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install...
CVE-2022-47558
Affected products: Ormazabal ekorCCP and ekorRCI. The vulnerability arises from FTP service access using default credentials, allowing an attacker to modify critical files, create/delete users, alter configuration files, and potentially install rootkits or backdoors. Documents from multiple sourc...
PT-2023-15400 · Ekorccp +1 · Ekorccp +1
Name of the Vulnerable Software and Affected Versions: ekorCCP affected versions not specified ekorRCI affected versions not specified Description: The issue arises due to access to the FTP service using default credentials. This can allow an attacker to modify critical files, potentially leading...
编号撤回
rkhunter Rootkit Hunter is rkhunter Rootkit Hunter open source a Unix-based tool. It can scan for Rootkit, backdoors and possible local vulnerability exploits. This CVE number has been withdrawn...
OpenSSH trojan campaign targets Linux systems and IoT devices
Poorly configured Linux and Internet of Things IoT devices are at risk of compromise from a cryptojacking campaign, according to researchers at Microsoft. The attacks, which involve brute forcing a way into a system, are designed to profit from mining in illicit fashion for cryptocurrency. Once t...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems,...
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems,...
CertVerify - A Scanner That Files With Compromised Or Untrusted Code Signing Certificates
The CertVerify is a tool designed to detect executable files exe, dll, sys that have been signed with untrusted or leaked code signing certificates. The purpose of this tool is to identify potentially malicious files that have been signed using certificates that have been compromised, stolen, or...
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...
3 ways DNS filtering can save SMBs from cyberattacks
If you’re an SMB, chances are that you’re already well-aware of the fact that cyber threats can wreak havoc on your business. Everything from rootkits to ransomware threaten not just financial losses, but also significant network downtime and reputational damage as well. Couple this with the fact...
Vulnerabilities fixed in Lenovo notebook BIOS
Vulnerabilities have been found in several Lenovo laptop models by researchers from security firm ESET. These vulnerabilities are Lenovo-specific, a full list of affected Lenovo laptops can be found under "Possible fixes." Two of these vulnerabilities, with attributes CVE-2021-3970 and...
New "B1txor20" Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name...
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group APT41. Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...
Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations
Cybersecurity researchers have proposed a novel approach that harnesses electromagnetic field emanations from the Internet of Things IoT devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation...
Researchers Warn of Facefish Backdoor Spreading Linux Rootkits
Cybersecurity researchers have disclosed a new backdoor program capable of stealing user login credentials, device information and executing arbitrary commands on Linux systems. The malware dropper has been dubbed "Facefish" by Qihoo 360 NETLAB team owing its capabilities to deliver different...
Emulation of Kernel Mode Rootkits With Speakeasy
In August 2020, we released a blog post about how the Speakeasy emulation framework can be used to emulate user mode malware such as shellcode. If you haven’t had a chance, give the post a read today. In addition to user mode emulation, Speakeasy also supports emulation of kernel mode Windows...
Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to...
Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to...