Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library. Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, and CVE-2021-42550) in the Apache Log4j library, warning of the need to adopt protective measures.
Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10.0), in the libwebp image library for rendering images in the WebP format.
Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day.
Experts publicly disclose proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked as CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library.
Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022. My objective with this series of articles is to show examples of malicious file analysis that I presented during my lecture on BSides-Vitória 2022. Static Analysis x Dynamic Analysis.
A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The Japanese security researcher Masato Kinugawa discovered an XSS vulnerability in Google Search that was introduced with a change made months ago in an open-source JavaScript library.
The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits. The attacker created a new version of the library (version 0.0.7
Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory. ” reads the MAR.
The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x
“GitLab has remediated two privately disclosed security issues (CVE-2025-25291, CVE-2025-25292) identified in the ruby-saml library which GitLab uses when SAML SSO authentication is enabled at the instance or group level.” ” reads a technical analysis of the two critical flaws. . ” continues the analysis.
Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.
The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team; it collects lists of applications installed on a device and a history of Wi-Fi and Bluetooth device information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that contained the malicious library.
Who is liable: the product maker, the library coder, or the company that chose the product? Our Part 2 analysis examines this sticky issue if a catastrophic outcome occurs.
Crooks used names typosquatting popular libraries, such as @async-mutex/mutex, dexscreener, solana-transaction-toolkit and solana-stable-web-huks. ” reads the analysis published by Socket. The malicious npm packages allowed the threat actors to exfiltrate Solana private keys via Gmail. ” continues the report.
Invitation to tender: Future ready libraries CILIP is inviting researchers to undertake a gap analysis and consultation with sector experts to create a comprehensive review of training provision for leadership in the public library workforce in England.
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote code execution vulnerability, tracked as CVE-2022-42889, in the open-source Apache Commons Text library. ” reads the post published by Munoz.
The trick used by the Epic Manchego gang consists of compiling the documents with a .NET library called EPPlus, instead of the standard Microsoft Office software. ” The library can generate files in multiple spreadsheet formats; it also supports Excel 2019. .” ” reads the analysis published by NVISO.
EvilQuest includes anti-analysis capabilities: it is able to check if it’s running in a virtual machine or a sandboxed environment and implements anti-debug capabilities. ” reads the analysis written by Wardle. The ransomware also checks for some common anti-virus solutions (e.g. ” states MalwareBytes.
The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day. Reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19” reads the advisory published by the IT giant. ” continues the advisory.
“The group is using a new detection evasion tool, copied from open source repositories,” reads the analysis published by AT&T Alien Labs. If the custom shared library exports a function with the same signature of a library that is located in the system libraries, the custom version will override it.
The encryption and decryption are not robust and the ransomware lacks features like Windows Shadow Copy removal, File unlocking for a more thorough impact, Anti-analysis, and Defensive evasion (AMSI bypass, disabling event logging, etc.). ” reads the analysis published by Fortinet.
Shellcode plays an essential role in cyber attacks; the popular expert Unixfreaxjp explained how to use radare2 for variations of shellcode analysis. A good analysis tool can help you dissect a shellcode if the low-level language analysis operation is supported, as any shellcode is coded in assembly language.
The threat actors behind the DuneQuixote campaign took steps to prevent collection and analysis of the implants through the implementation of practical and well-designed evasion methods. The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.”
The discovery urges Apple to implement additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries. Multimedia processing libraries are used by the modern mobile OS to automatically manage multimedia files (i.e. images, audio, and videos).
” reads the analysis published by the experts. “Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. The experts pointed out that the malware stands out for its almost hermetic hooking of libraries.
These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. Despite these risks, Microsoft considers the issues low-risk and declined to fix them, stating that some apps need to allow unsigned libraries for plugin support.
Hundreds of millions of Android users are potentially exposed to the risk of hacking due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides in the SplitCompat.install endpoint in Android’s Play Core Library.
Immediately after the disclosure of the Log4Shell flaw in the Log4j library, threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library.
The malicious JavaScript library was uploaded to the npm package repository and has already been removed. The repo is used by developers to include libraries (npm packages) inside their projects. ” reads the analysis published by Sonatype. ” continues the analysis. It also uses the legitimate Discord.js
You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.
CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. According to the maintainer of the library, Faisal Salman, a threat actor has hijacked his NPM account to publish the infected packages.
The two RCE flaws in Windows, tracked as CVE-2020-1020 and CVE-2020-0938, are related to the Adobe Type Manager Library. In March, Microsoft warned of hackers exploiting the two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library; both issues impact all supported versions of Windows.
“A possible memory overwrite vulnerability in Quram qmg library allows possible remote arbitrary code execution. The vulnerability resides in the Skia Android graphics library and affects the way Android OS running on Samsung devices handles the custom Qmage image format (.qmg). system libraries.” or libhwui.so
In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances).” ” reads the analysis published by Palo Alto Networks. One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.”
” reads the analysis published by Cybereason. Most recent versions of EventBot also include a ChaCha20 library that can improve performance, but it is not currently being used, a circumstance that suggests authors are actively working to optimize EventBot. ” concludes the report.
” reads the analysis published by the experts. One of the commands is dwn that downloads a Linux system library to /dev/shm/php-shared. Another trick that makes the analysis of the malware challenging is that the library code is only written in memory and cannot be examined after its launch. Then, CronRAT launches.
Threat actors are already abusing the Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware. A few hours ago, researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Pierluigi Paganini.
Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms. Benoît Sevens and Clément Lecigne of Google’s Threat Analysis Group discovered the zero-day on 2023-11-24. The CVE-2023-5217 is a high-severity integer overflow in Skia.
The attacking server that is defined as the master uses this connection to download the shared library exp_lin.so MODULE LOAD command – this allows for the loading of a module from the dynamic library downloaded at stage 4 at runtime. This library allows for exploitation of the vulnerability and runs arbitrary commands later.
Technical Analysis. The “AutoUpdate.dll” library then gains persistence by setting the following registry key “HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnceWindowsDefender”. This task can be executed using the Tool Help Library Windows API family using CreateToolhelp32Snapshot(), Process32First(), and Process32Next() API.