Lucene search
K

36 matches found

The Hacker News
The Hacker News
added 2023/08/15 4:44 p.m.29 views

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team SRT following a client engagement. The issues...

10CVSS8.5AI score0.01163EPSS
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.401 views

AD Manager Plus 7122 Remote Code Execution

Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...

10CVSS8.9AI score0.99999EPSS
Exploits351
Malwarebytes
Malwarebytes
added 2021/08/23 10:59 a.m.48 views

A week in security (August 16 – August 22)

Last week on Malwarebytes Labs: Podcast: Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks. How to troubleshoot hardware problems that look like malware problems. Analysts “strongly believe” the Russian state colludes with ransomware gangs. macOS 11’s hidden security...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/25 1:45 p.m.1 views

Popular Malware Families Using 'Process Doppelgänging' to Evade Detection

The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed. Discovered in late 2017, Process Doppelgänging is a fileless variation of Process...

7.3AI score
Exploits0
Trellix
Trellix
added 2019/06/20 12:0 a.m.12 views

In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass

ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...

8.1AI score
Exploits0
ThreatPost
ThreatPost
added 2018/10/25 3:27 p.m.544 views

Pentagon Expands Bug-Bounty Program to Include Physical Systems

The Department of Defense is expanding its “Hack the Pentagon” bug-bounty program to include hardware assets, tapping the Synack, HackerOne and Bugcrowd platforms to attract more white hats to the effort. The news comes two weeks after the Government Accountability Office GAO released a report...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/05/07 6:54 p.m.16 views

Variant of SynAck Malware Adopts Doppelgänging Technique

Researchers have identified a new variant of the SynAck ransomware that is now using the newly identified Process Doppelgänging to slip past antivirus programs. Researchers said this is the first ransomware seen in the wild to employ the approach. Both SynAck ransomware and Process Doppelgänging...

0.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2018/05/07 12:30 p.m.111 views

First-Ever Ransomware Found Using 'Process Doppelgänging' Attack to Evade Detection

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/07 12:30 p.m.2 views

First-Ever Ransomware Found Using 'Process Doppelgänging' Attack to Evade Detection

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging , a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated...

7.1AI score
Exploits0
Securelist
Securelist
added 2018/05/07 10:0 a.m.96 views

SynAck targeted ransomware uses the Doppelgänging technique

The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to bypass modern security solutions. In April 2018, we spotted the first ransomware...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/26 6:11 p.m.48 views

Keychain vulnerability in macOS

On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to extract, and then exfiltrate, keychain data from High Sierra,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2017/09/25 10:23 p.m.20 views

Apple macOS High Sierra Exploit Lets Hackers Steal Keychain Passwords in Plaintext

Apple yesterday rolled out a new version of its macOS operating system, dubbed High Sierra 10.13—a few hours before an ex-NSA hacker publicly disclosed the details of a critical vulnerability that affects High Sierra as well as all earlier versions of macOS. Patrick Wardle, an ex-NSA hacker and n...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2017/08/24 10:32 a.m.5 views

Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root

A deprecated Apple authorization API, invoked by third-party installers, is still developers’ preferred choice for updating apps and services on macOS. And that’s a problem because of a massive security issue that could be abused by a local attacker to elevate privileges to root with a little...

1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/08/10 11:0 a.m.13 views

Putting Apple Bug Bounty Rewards in Perspective

Admittedly, the payouts for Apple’s bug bounty announced last week at Black Hat drew mixed reactions ranging from reasonable to raucously funny. Apple made a big splash at the annual hacker conference, first via a last-minute announcement that well-regarded Ivan Krstic would be giving a talk on...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2016/01/20 8:53 a.m.7 views

January 2016 Apple Security Patches iOS, OS X, Safari

Apple on Tuesday released security patches for iOS, OS X and an update for the Safari browser. The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker wit...

1.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/07/30 1:56 p.m.28 views

Writing OS X Malware at Black Hat 2015

Patrick Wardle has one word for today’s generation of Mac OS X malware: lame. Sure there are advanced samples out there developed by nation-state sponsored groups or exploit vendors such as Hacking Team, but for the most part, Wardle says, we’re still talking about malware that are standalone...

1.7AI score
Exploits0References2
Rows per page
Query Builder