malware

Twitter
DAILY TOP FIVE ASN
New hosts infected with Mirai-like by internet service provider:
🇷🇺 AS12389: 328 --…
malware  from twitter_favs
yesterday by schee
SNDBOX
New online malware scanning service, but the backend seems to be substantially different from VirusTotal and similar checking services
malware  analysis  sandbox  service  online  free  security  hacking  pentesting 
2 days ago by asteroza
Twitter
DAILY TOP TEN COUNTRIES
New hosts infected with Mirai-like by country:
🇨🇳 CN: 420
🇷🇺 RU: 273
🇪🇬 EG: 76
🇧🇷…
malware  from twitter_favs
8 days ago by schee
event-stream vulnerability explained - Zach Schneider
This was an incredibly clever attack, very reminiscent of this blog post from January about how a similar attack might work. The attacker covered their tracks well — the code and commit log on GitHub all tell an innocuous and fairly common story (a new maintainer joins a project, adds a feature, and then tweaks the implementation of their feature a bit). Other than the warning signs about flatmap-stream (new package, no contributors or download activity), the attack was virtually undetectable. And indeed, it wasn’t discovered for over two months — it was only found because the attacker made a tiny mistake and used the deprecated crypto.createDecipher rather than crypto.createDecipheriv, which raised a suspicious deprecation warning in another library that consumes event-stream.

Unfortunately, this genre of attack isn’t going away anytime soon. JavaScript is the most popular language right now and it’s not really close, meaning it will continue to be an attractive target for hackers. JavaScript also has relatively few standard-library convenience features compared to other languages, which encourages developers to import them from npm packages instead — this, along with other cultural factors, means that JavaScript projects tend to have massive dependency trees.

(via Nelson)
npm  malware  bitcoin  security  javascript  event-stream  flatmap-stream  hacks 
10 days ago by jm
event-stream attack
Details on the subtle Bitcoin-stealing malware
malware  badtech  npm  javascript  tootme  bitcoin 
10 days ago by nelson
I’ve got a bridge to sell you: why AutoCAD malware keeps chugging on • Ars Technica
Dan Goodin:
The attacks aren’t new. Similar ones occurred as long ago as 2005, before AutoCAD provided the same set of robust defenses against targeted malware it does now. The attacks continued to go strong in 2009. A specific campaign recently spotted by security firm Forcepoint was active as recently as this year and has been active since at least 2014, an indication that malware targeting blueprints isn’t going away any time soon.

In an analysis expected to be published Wednesday, company researchers wrote:
CAD changed our modern life and, as an unfortunate side effect, industrial espionage also changed along with it. Design schemes, project plans, and similar vital documents are being stored and shared between parties in a digital manner. The value of these documents–especially in new and prospering industries such as renewable energy–have probably never been this high. All this makes it attractive for the more skilled cybercriminal groups to chip in: instead of spamming out millions of emails and waiting for people to fall for it, significantly more money can be realized by selling blueprints to the highest bidder.

Forcepoint said it has tracked more than 200 data sets and about 40 unique malicious modules, including one that purported to include a design for Hong Kong’s Zhuhai-Macau Bridge. The attacks include a precompiled and encrypted AutoLISP program titled acad.fas. It first copies itself to three locations in an infected computer to increase the chances it will be opened if it spreads to new computers. Infected computers also report to attacker-controlled servers, which use a series of obfuscated commands to download documents.
autocad  malware 
11 days ago by charlesarthur
NYAN-x-CAT/Lime-RAT: LimeRAT | Simple, yet powerful remote administration tool for Windows
LimeRAT | Simple, yet powerful remote administration tool for Windows - NYAN-x-CAT/Lime-RAT
malware  rat  windows  c#  dot-net  trojan  security 
11 days ago by plaxx
