Trojan Attacks on Neural Network Controllers for Robotic Systems

Neural network controllers are increasingly deployed in robotic systems for tasks such as trajectory tracking and pose stabilization. However, their reliance on potentially untrusted training pipelines or supply chains introduces significant security vulnerabilities. This paper investigates...

Platinum APT Shines Up New Titanium Backdoor

APT threat group Platinum has a shiny new plaything: A custom trojan backdoor dubbed Titanium. The backdoor’s name, aside from keeping with the silvery metal theme, comes from password to one of the self-executable archives found in the code. According to Kaspersky researchers who analyzed the...

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium named after a password to one of the self-executable archives. Titanium is the final result of a...

McAfee Night Dragon Report (Update A)

Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain...

NetSarang Xmanager Enterprise 5 Backdoor Trojan (ShadowPad)

The Xmanager Enterprise 5, a network connectivity suite for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker...

NetSarang Xshell 5 Backdoor Trojan (ShadowPad)

The Xshell 5, a terminal emulator for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker. C Tenable Network...

NetSarang Xftp 5 Backdoor Trojan (ShadowPad)

The Xftp 5, an FTP client for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker. C Tenable Network Security,...

NetSarang Xlpd 5 Backdoor Trojan (ShadowPad)

The Xlpd 5,a line printer daemon for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker. C Tenable Network...

Trojan/Backdoor - Storm/Pecoan.AG Worm Detection

Binary data 5526.prm...

Trojan/Backdoor Detection - Conficker Detection

Binary data 4978.prm...

Trojan/Backdoor - PhatBOT Detection

Binary data 1202.prm...