Security Affairs

DECEMBER 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell ), in the Apache Log4j Java-based logging library.

Libraries 145

Libraries IT Cloud Data breaches 145

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory. ” reads the MAR.

Security 142

Security Authentication Libraries Passwords 142

Security Affairs

JUNE 16, 2022

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.

Libraries 101

Libraries Cybersecurity Security IT 101

CILIP

JUNE 17, 2024

Libraries and the fight against truth decay Truth decay is the diminishing role of facts and analysis in public life, it is a phenomenon that erodes civil discourse, causes political paralysis, and leads to general uncertainty around what is and is not. A healthy democracy is helped by an open exchange of views,” said Stijn.

Libraries 88

Libraries IT 88

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that were containing the malicious library.

Libraries 98

Libraries Data collection Education Security 98

CILIP

JUNE 24, 2024

Library brings local history to life for London school children Guildhall Library in the City of London created an open and accessible space that got children out of the classroom and gave them hands-on experience of history. The free workshops consisted of discussion and creative writing, including a slideshow and a plague game.

Libraries 76

Libraries Access IT 76

Security Affairs

SEPTEMBER 7, 2020

The trick used by the Epic Macnchego gang consists of compiling the documents with a.NET library called EPPlus , instead of the standard Microsoft Office software. ” The library can generate files in multiple spreadsheet formats, it also supports Excel 2019. .” ” reads the analysis published by NVISO.

Libraries 140

Libraries Phishing Passwords Security 140

Security Affairs

JULY 1, 2020

EvilQuest includes anti-analysis capabilities, it is able to check if it’s running in a virtual machine or a sandboxed environment and implements anti-debug capabilities. ” reads the analysis wrote by Wardle. The ransomware also checks for some common anti-virus solutions (e.g. ” states MalwareBytes.

Ransomware 145

Ransomware Libraries Encryption Communications 145

Security Affairs

DECEMBER 20, 2023

The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day. Reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19” reads the advisory published by the IT giant. ” continues the advisory.

Libraries 142

Libraries Access IT Information Security 142

Security Affairs

NOVEMBER 17, 2020

Shellcode play an essential role in cyber attacks, the popular expert Unixfreaxjp explained how to utilize radare2 for variation of shellcode analysis. A good analysis tool can help you dissect a shellcode if the low-level language analysis operation is supported, as any shellcode is coded in assembly language.

Libraries 131

Libraries IT Security Information Security 131

Security Affairs

DECEMBER 6, 2022

The encryption and decryption are not robust and the ransomware lack features like Windows Shadow Copy removal, File unlocking for a more thorough impact, Anti-analysis, and Defensive evasion (AMSI bypass, disabling event logging, etc.). ” reads the analysis published by Fortinet.

Ransomware 143

Ransomware Encryption Libraries IT 143

Security Affairs

JANUARY 28, 2021

“The group is using a new detection evasion tool, copied from open source repositories,” reads the analysis published by AT&T Alien Labs. If the custom shared library exports a function with the same signature of a library that is located in the system libraries, the custom version will override it.

Libraries 144

Libraries IT Mining Security 144

Security Affairs

APRIL 21, 2024

The threat actors behind the DuneQuixote campaign took steps to prevent collection and analysis the implants through the implementation of practical and well-designed evasion methods. The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.”

Libraries 139

Libraries Communications IT Government 139

Security Affairs

SEPTEMBER 3, 2024

These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. Despite these risks, Microsoft considers the issues low-risk and declined to fix them, stating that some apps need to allow unsigned libraries for plugin support.

Libraries 137

Libraries Risk Access Security 137

Security Affairs

JULY 7, 2022

” reads the analysis published by the experts. “Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. The experts pointed out that the malware outstands for its almost hermetic hooking of libraries.

Libraries 141

Libraries Cybersecurity Authentication Access 141

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries 140

Libraries e-Delivery Risk Passwords 140

Schneier on Security

JANUARY 4, 2021

Presumably, volumes IV, V, and VI are still hidden inside the classified libraries of the NSA. 20, “The Analysis of Systems Employing Long or Continuous Keys”; Monograph No. 21, “The Analysis of Cylindrical Cipher Devices and Strip Cipher Systems”; Monograph No.

Military 138

Military FOIA Libraries IT 138

Security Affairs

NOVEMBER 10, 2020

The malicious JavaScript library was uploaded to the npm packet repository and has been already removed. The repo is used by developers to include libraries (npm packages) inside their projects. ” reads the analysis published by Sonatype. ” continues the analysis. It also uses the legitimate Discord.js

Libraries 135

Libraries Security Access IT 135

Security Affairs

JANUARY 31, 2021

In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances).” ” reads the analysis published by Palo Alto Networks. One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.”

Cloud 128

Cloud Libraries Mining IT 128

Security Affairs

APRIL 29, 2020

The discovery urges Apple into implementing additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries. Multimedia processing libraries are used by the modern mobile OS to automatically manage multimedia files (i.e. images, audio, and videos).

Libraries 144

Libraries Paper Security Cybersecurity 144

Security Affairs

DECEMBER 12, 2021

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library.

Honeypots 145

Honeypots Libraries Passwords Authentication 145

The Last Watchdog

MAY 8, 2019

The adware applications were linked together by the use of third-party Android libraries, which bypass the background service restrictions present in newer Android versions. However, our analysts were able to detect it because apps using these libraries waste the user’s battery and make the device slower.

Libraries 176

Libraries Ransomware Mining IT 176

Security Affairs

APRIL 14, 2020

The two RCE flaws in Windows, tracked as CVE-2020-1020 and CVE-2020-0938 , are related to the Adobe Type Manager Library. In March, Microsoft warned of hackers exploiting the two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library, both issues impact all supported versions of Windows.

Libraries 133

Libraries Authentication Security Risk 133

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. The popular library has million of weekly downloads. According to the maintainer of the library,Faisal Salman, a threat actor has hijacked his NPM account to publish the infected packages.

Mining 145

Mining Libraries Cybersecurity Security 145

Security Affairs

MAY 7, 2020

. “A possible memory overwrite vulnerability in Quram qmg library allows possible remote arbitrary code execution. The vulnerability resides in the Skia Android graphics library and affects the way Android OS running on Samsung devices handles the custom Qmage image format (.qmg). system libraries.” or libhwui.so

IT 141

IT Libraries Security Access 141

Security Affairs

JANUARY 21, 2024

Each pirated application included the following components: Malicious dylib , a library loaded by the application that acts as a dropper. ” reads the analysis published by Jamf. ” reads the analysis published by Jamf. ” continues the analysis. log” from a remote server.

Libraries 143

Libraries IT Information Security Security 143

Security Affairs

DECEMBER 13, 2021

Threat actors are already abusing Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware. A few hours ago, researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Pierluigi Paganini.

Mining 140

Mining Honeypots Libraries IT 140

Security Affairs

NOVEMBER 29, 2023

Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms. Benoît Sevens and Clément Lecigne of Google’s Threat Analysis Group discovered the zero-day on on 2023-11-24. The CVE-2023-5217 is a high-severity integer overflow in Skia.

Libraries 140

Libraries Security Access IT 140

Security Affairs

DECEMBER 2, 2021

” reads the analysis published by the experts. One of the commands is dwn that downloads a Linux system library to /dev/shm/php-shared. Another trick that makes the analysis of the malware challenging is that the library code is only written in memory and cannot be examined after its launch. Then, CronRAT launches.

Libraries 143

Libraries Access Security IT 143

Security Affairs

APRIL 30, 2020

” reads the analysis published by Cybereason. Most recent versions of EventBot also include a ChaCha20 library that can improve performance, but it is not currently being used, a circumstance that suggests authors are actively working to optimize EventBot. ” concludes the report.

Financial Services 143

Financial Services Libraries Encryption Authentication 143

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Authentication 139

Authentication Libraries Access Security 139

Security Affairs

OCTOBER 14, 2021

The popular Google’s VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has published its first ransomware activity report based on the analysis of more than 80 million samples that have been uploaded from 140 countries worldwide. percent of the submitted samples.

Ransomware 132

Ransomware Libraries IT Security 132

Security Affairs

FEBRUARY 16, 2021

The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb. ” reads the analysis published by Shielder experts. This library was used by Telegram developers instead of the Airbnb’s one.

Access 134

Access Libraries Encryption Security 134

Security Affairs

MARCH 11, 2024

However, they focused on the analysis of the details included in the advisory. ” reads the analysis published by Horizon3.ai. “The connect() method interestingly loads a native system library, auth.dll, and eventually calls the authorizeUser() method defined in it. . ” reads the analysis published by Horizon3.ai.

Authentication 141

Authentication Passwords Libraries Access 141