Security I Trust, Information Security, IT Security

Antivirus Evasion with Python

July 18, 2019 admin 0 Comments AV

When deploying defense in depth security controls for your organization, you are likely to include antiviruses as part of the

Hacking attack Info

Russian Bears Need Less Than 20 Minutes To Hack Your Data

February 22, 2019 admin 0 Comments

Russian bears lead the way when it comes to gaining enough of a foothold in your networks to perform a

IT Security News

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections

February 22, 2019 admin 0 Comments

As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and

Info IT Security News

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

February 22, 2019February 22, 2019 admin 0 Comments

1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory. Secure

Info IT Security News

AV-TEST Awards 2018 go to TrendMicro

February 22, 2019February 22, 2019 admin 0 Comments

Only the best IT protection solutions are contenders for the internationally recognized AV-TEST Awards. After all, with this award, the

IT Security News News

Cryptocurrency Exchange loses access to €130m in funds

February 5, 2019February 5, 2019 admin 0 Comments

Where is the safest place to store cryptocurrency has always been a debated issue, some say offline, others say online,

Info

Cryptomining Malware Uninstalls Cloud Security Products

January 23, 2019January 23, 2019 admin 0 Comments

New samples of cryptomining malware performs a never-before-seen function: uninstalling cloud security products. Researchers say they have discovered a unique

Info

Google Fined $57M in Largest GDPR Slap Yet

January 23, 2019January 23, 2019 admin 0 Comments

The French Data Protection Authority (DPA) found a lack of transparency when it comes to how Google harvests and uses

Info

Hackers can play with cranes like toys

January 18, 2019January 18, 2019 admin 0 Comments

Why does everyone leave security until the last minute. These risk would not happen if we build system to be

IT Security News News

Bleedingbit

November 2, 2018 admin 0 Comments Bleedingbit, vulnerability

Researchers from the firm Armis identified two bugs, which impact Bluetooth Low-Energy (BLE) chips used in millions of Cisco, Meraki,

← Previous

Adware Posing as 85 Photography and Gaming Apps on Google Play Installed Over 8 Million Times August 16, 2019
The mobile platform is ubiquitous — enabling users to make online transactions, run their everyday lives, or even use it in the workplace. It’s no surprise that fraudsters and cybercriminals would want to cash in on it. Delivering adware, for example, enables them to monetize affected devices while attempting to be innocuous. And while they […]
Analysis: New Remcos RAT Arrives Via Phishing Email August 15, 2019
In July, we came across a phishing email purporting to be a new order notification, which contains a malicious attachment that leads to the remote access tool Remcos RAT (detected by Trend Micro as BKDR_SOCMER.SM). This attack delivers Remcos using an AutoIT wrapper that incorporates various obfuscation and anti-debugging techniques to evade detection, which is […]
August Patch Tuesday: Update Fixes ‘Wormable’ Flaws in Remote Desktop Services, VBScript Gets Disabled by Default August 14, 2019
While none of the vulnerabilities were listed as under active attack at the time of August Patch Tuesday release, a few of the bugs addressed this month fall under the “wormable” category, namely remote code execution (RCE) vulnerabilities in the Remote Desktop Services. This month's Patch Tuesday also disables the scripting language VBScript by default […]
Back-to-Back Campaigns: Neko, Mirai, and Bashlite Malware Variants Use Various Exploits to Target Several Routers, Devices August 13, 2019
By Augusto Remillano II and Jakub Urbanec Within a span of three weeks, our telemetry uncovered three notable malware variants of Neko, Mirai, and Bashlite. On July 22, 2019, we saw and started analyzing a Neko botnet sample, then observed another sample with additional exploits the following week. A Mirai variant that calls itself “Asher”... […]
LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script August 9, 2019
Our fuzzing methodology LLDBFuzzer found dozens of vulnerabilities, including double free and out-of-bounds (OOB) read/write bugs. These vulnerabilities could allow an attacker access to restricted memory or be used in a privilege escalation attack. The post LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script appeared first on .
LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks August 6, 2019
First advertised as an information stealer and keylogger when it first appeared in underground forums, LokiBot has added various capabilities over the years. Recent activity has seen the malware family abusing Windows Installer for its installation and introducing a new delivery method that involves spam mails containing malicious ISO file attachments. Our analysis of a […]
Latest Trickbot Campaign Delivered via Highly Obfuscated JS File August 5, 2019
We have been tracking Trickbot banking trojan activity and recently discovered a variant of the malware (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.TIGOCDC) from distributed spam emails that contain a Microsoft Word document with enabled macro. Once the document is clicked, it drops a heavily obfuscated JS file (JavaScript) that downloads Trickbot as its payload. This […]
Keeping a Hidden Identity: Mirai C&Cs in Tor Network July 31, 2019
We found new samples of Mirai targeting IP cameras and DVRs with exposed ports and default credentials. Like its predecessors, it allows attackers remote access and the use of infected devices to form a botnet for DDoS attacks. However, the C&Cs were traced back to the Tor network, keeping the cybercriminals' identities anonymous and protecting […]
Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’ July 23, 2019
Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly delivered cryptocurrency-mining malware, as in the case of one attack we […]
Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year-old XHide July 19, 2019
We found a threat that scans for open ports and brute forces systems with weak credentials to drop a Monero cryptocurrency miner. While the installation and mining process is hidden by old evasion tool XHide Process Faker, the malware can be used for bigger attacks in the future as both the shellbot and miner can […]