Security Affairs

DECEMBER 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell ), in the Apache Log4j Java-based logging library.

Libraries 145

Libraries IT Cloud Data breaches 145

Security Affairs

AUGUST 9, 2022

Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022. My objective with this series of articles is to show examples of malicious file analysis that I presented during my lecture on BSides-Vitória 2022. Static Analysis x Dynamic Analysis.

Libraries 114

Libraries Metadata Education Security 114

Security Affairs

JUNE 16, 2022

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.

Libraries 102

Libraries Cybersecurity Security IT 102

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that were containing the malicious library.

Libraries 98

Libraries Data collection Education Security 98

eSecurity Planet

OCTOBER 18, 2021

But that success and the openness inherent in the community have led to a major challenge – security. Therefore, any security vulnerabilities are disclosed publicly. This has given rise to a large number of open source security tools. The Best Open Source Security Tools. WhiteSource.

Security 139

Security Encryption Compliance Libraries 139

The Last Watchdog

MARCH 29, 2022

Log4j is the latest, greatest vulnerability to demonstrate just how tenuous the security of modern networks has become. By no means has the cybersecurity community been blind to the complex security challenges spinning out of digital transformation. Log4j, for instance, is a ubiquitous logging library.

Security 223

Security Cloud Digital transformation Cybersecurity 223

eSecurity Planet

AUGUST 26, 2021

In fact, there are more than a few flaws present, as well as the occasional gaping security hole. Code debugging and code security tools exist to find and help developers fix the problems that occur. Security and Speed Needs Drive Growth. Best Code Debugging and Code Security Tools. SonarQube’s standout features.

Security 143

Security IT Libraries Cloud 143

Security Affairs

SEPTEMBER 7, 2020

A recently discovered cybercrime gang, tracked as Epic Manchego , is using a new technique to create weaponized Excel files that are able to bypass security checks. The phishing messages carry weaponized Excel documents that are able to bypass security checks and that had low detection rates. EPPlus is such a tool.”

Libraries 140

Libraries Phishing Passwords Security 140

Security Affairs

JULY 1, 2020

Security experts have uncovered a new piece of ransomware dubbed EvilQuest designed to encrypt macOS systems, it is also able to install additional payloads and potentially take over the infected machine. ” reads the analysis wrote by Wardle. Using these capabilities the ransomware can gain full control over the infected system.

Ransomware 145

Ransomware Libraries Encryption Communications 145

Security Affairs

JANUARY 28, 2021

The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Libraries 144

Libraries IT Mining Security 144

Security Affairs

SEPTEMBER 3, 2024

These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. The researchers analyzed the exploitability of the platform’s permission-based security model, which is based on the Transparency, Consent, and Control ( TCC ) framework.

Libraries 138

Libraries Risk Access Security 138

Security Affairs

APRIL 29, 2020

The discovery urges Apple into implementing additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries. Multimedia processing libraries are used by the modern mobile OS to automatically manage multimedia files (i.e.

Libraries 144

Libraries Paper Security Cybersecurity 144

Security Affairs

NOVEMBER 17, 2020

Shellcode play an essential role in cyber attacks, the popular expert Unixfreaxjp explained how to utilize radare2 for variation of shellcode analysis. A good analysis tool can help you dissect a shellcode if the low-level language analysis operation is supported, as any shellcode is coded in assembly language.

Libraries 132

Libraries IT Security Information Security 132

Security Affairs

JULY 7, 2022

” reads the analysis published by the experts. “Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. The experts pointed out that the malware outstands for its almost hermetic hooking of libraries.

Libraries 141

Libraries Cybersecurity Authentication Access 141

Security Affairs

DECEMBER 6, 2022

The encryption and decryption are not robust and the ransomware lack features like Windows Shadow Copy removal, File unlocking for a more thorough impact, Anti-analysis, and Defensive evasion (AMSI bypass, disabling event logging, etc.). ” reads the analysis published by Fortinet. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Libraries IT 144

Security Affairs

NOVEMBER 10, 2020

Security researchers discovered today an npm package that contains malicious code designed to steal sensitive Discord and browser files. The malicious JavaScript library was uploaded to the npm packet repository and has been already removed. The repo is used by developers to include libraries (npm packages) inside their projects.

Libraries 135

Libraries Security Access IT 135

Security Affairs

APRIL 14, 2020

Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. Pierluigi Paganini.

Libraries 133

Libraries Authentication Security Risk 133

Security Affairs

MAY 7, 2020

Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014. ” reads the analysis published by the expert.

IT 141

IT Libraries Security Access 141

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries 141

Libraries e-Delivery Risk Passwords 141

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. Pierluigi Paganini.

Mining 145

Mining Libraries Cybersecurity Security 145

The Last Watchdog

JUNE 3, 2022

Findings released this week by ReversingLabs show 87 percent of security and technology professionals view software tampering as a new breach vector of concern, yet only 37 percent say they have a way to detect it across their software supply chain. Its function is to record events in a log for a system administrator to review and act upon.

Systems administration 255

Systems administration Libraries Risk Authentication 255

Security Affairs

JANUARY 31, 2021

In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances).” ” reads the analysis published by Palo Alto Networks. One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.” Pierluigi Paganini.

Cloud 129

Cloud Libraries Mining IT 129

Security Affairs

DECEMBER 2, 2021

Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers from security firm Sansec recently discovered a new Linux remote access trojan (RAT), tracked as CronRAT , that hides in the Linux task scheduling system (cron) on February 31st.

Libraries 144

Libraries Access Security IT 144

Security Affairs

FEBRUARY 16, 2021

Researchers at cyber security firm Shielder discovered a critical flaw affecting iOS, Android, and macOS versions of the instant messaging app Telegram. The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb.

Access 134

Access Libraries Encryption Security 134

Security Affairs

NOVEMBER 29, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. ” reads the advisory published by Google.

Libraries 140

Libraries Security Access IT 140

Security Affairs

DECEMBER 12, 2021

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Pierluigi Paganini.

Honeypots 145

Honeypots Libraries Passwords Authentication 145

Security Affairs

DECEMBER 20, 2023

The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day. Reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19” reads the advisory published by the IT giant. ” continues the advisory.

Libraries 143

Libraries Access IT Information Security 143

The Last Watchdog

OCTOBER 1, 2024

1, 2024 — ForAllSecure , the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform.

Security 113

Security Education Cybersecurity Libraries 113

Security Affairs

MARCH 11, 2024

ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in Progress Software OpenEdge Authentication Gateway and AdminServer. “The Progress OpenEdge team recently identified a security vulnerability in OpenEdge Release 11.7.18 Researchers from Horizon3.ai

Authentication 141

Authentication Passwords Libraries Access 141

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. ” reads the analysis published by Cybereason. The post EventBot, a new Android mobile targets financial institutions across Europe appeared first on Security Affairs.

Financial Services 143

Financial Services Libraries Encryption Authentication 143

Security Affairs

APRIL 21, 2024

The threat actors behind the DuneQuixote campaign took steps to prevent collection and analysis the implants through the implementation of practical and well-designed evasion methods. The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.”

Libraries 139

Libraries Communications IT Government 139

The Last Watchdog

MAY 8, 2019

I had the chance to sit down with Nikolaos Chrysaidos (pictured), head of mobile threat intelligence and security at Avast, to drill down on the wider context of the helpful findings apklabl.io However, our analysts were able to detect it because apps using these libraries waste the user’s battery and make the device slower.

Libraries 176

Libraries Ransomware Mining IT 176

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Authentication 140

Authentication Libraries Access Security 140

Security Affairs

DECEMBER 1, 2022

Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. Cybersecurity and Infrastructure Security Agency (CISA) added this flaw to its Known Exploited Vulnerabilities Catalog. Attackers loads the library file exp_lin.so In March 2022, the U.S.

Libraries 145

Libraries Honeypots Communications Cybersecurity 145

Security Affairs

DECEMBER 13, 2021

Threat actors are already abusing Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware. A few hours ago, researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Pierluigi Paganini.

Mining 141

Mining Honeypots Libraries IT 141