‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign. Categories: Exploits, Threat analysis. Tags: bootkit, cryptominer, drive-by attack, exploit, hidden bee, hidden bee miner, MBR. The ...
US-CERT Warns About Attacks Against ERP Applications

The US-CERT arm of the U.S. Department of Homeland Security has issued an alert warning organizations about an increase in attacks targeting Enterprise Resource Planning (ERP) applications. The alert is based on ...
Security Boulevard
Taking apart a double zero-day sample discovered in joint hunt with ESET

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherepanov. The sample was initially reported to Microsoft as a potential exploit for an unknown ...

How Scammers Use Google for Business Email Compromise

Several companies have made online productivity solutions like G Suite from Google the preferred option for business computing. It’s incredibly convenient and usually inexpensive for anyone from solo operations through large enterprises ...
SMBv1 Windows Exploit “Fix” Problem – Why Disable Auto Updates?

It has come to our attention that a specific Windows patch aims to address issues in SMBv1 on Windows, more specifically by removing it. SMB is in several ...

The Shared Security Weekly Blaze – Recent Windows Vulnerabilities, Exposed Passwords, Credit Freeze Controversy

This is the Shared Security Weekly Blaze for May 14, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions, Silent Pocket and CISOBox. This episode ...
Critical Drupal vulnerability now being exploited in the wild; users urged to patch ASAP

The Drupal security team is urging users of its open-source content management platform to update the core software, or at the very least install the latest patches, as hackers are now actively ...

CVE-2017-8570 and CVE-2018-0802 exploits being used to spread LokiBot

Zscaler ThreatLabZ has been tracking the usage of malicious RTF documents that leverage CVE-2017-8570 and, more recently, CVE-2018-0802 vulnerability exploits to install a malicious payload on the victim machine. In this blog, we'll ...
The Mikrotik RouterOS-Based Botnet

A newly discovered botnet targets TCP port 8291 and vulnerable MikroTik RouterOS-based devices. Products from MikroTik, a Latvian hardware manufacturer, are used around the world and are now a target of a new ...

Three Leaked NSA Exploits Rewritten to Affect All Windows OSes Since Windows 2000

The WannaCry and NotPetya outbreaks were by far among the most significant digital attack campaigns that took place in 2017. Together, the crypto-ransomware and wiper malware affected hundreds of thousands of computers ...