RSS Reader for Computer Security Articles
Credit to Author: Malwarebytes Labs| Date: Thu, 26 Jul 2018 21:00:22 +0000
 | |
| Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign. Categories: Tags: bootkitcryptominerdrive-by attackexploithidden beehidden bee minerMBR |
The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Windows Defender ATP| Date: Mon, 02 Jul 2018 15:00:00 +0000
In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was surprised to discover two new zero-day exploits in the same
Read More
Credit to Author: Tiziana Carboni| Date: Mon, 11 Jun 2018 05:13:41 +0000
Sophos ha bloccato 34 dei 35 exploit testati, mentre il punteggio più alto degli altri vendor è stato di 22 su 35.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/2REh3QJb8bY” height=”1″ width=”1″ alt=””/>
Read More
Credit to Author: Tiziana Carboni| Date: Thu, 17 May 2018 05:19:47 +0000
Ecco come funzionano e come si possono prevenire<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/boSteQL9HIg” height=”1″ width=”1″ alt=””/>
Read MoreCredit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…
Read MoreCredit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…
Read MoreCredit to Author: Sameer Patil| Date: Wed, 07 Mar 2018 10:32:57 +0000
Apache Struts is an open-source CMS based on MVC framework for developing Java EE Web Applications. Apache Struts has been widely used by many Fortune 100 companies and government agencies over the years for developing web applications. But, websites built using a CMS constantly need to upgrade the CMS versions in their web application servers, because vulnerabilities…
Read MoreCredit to Author: Aniruddha Dolas| Date: Mon, 05 Feb 2018 10:12:34 +0000
No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. Let’s take a look…
Read More