
Tag: Byte

In our previous blog, we detailed our findings about the attack against the Pyeongchang 2018 Winter Olympics.

For this investigation, our analysts were provided with administrative access to one of the affected servers located in a hotel based in Pyeongchang county, South Korea.
In addition, we collected all available evidence from various private and public sources and worked with several companies on investigating the C&C infrastructure associated with the attackers.
Widely used message transfer agent patched buffer overflow last month.
This time, we've chosen a smart hub designed to control sensors and devices installed at home.
It can be used for different purposes, such as energy and water management, monitoring and even security systems.
In 2017, we encountered lots of samples that were ‘exploiting’ the implementation of Microsoft Word's RTF parser to confuse all other third-party RTF parsers, including those used in anti-malware software.

Denis and Co.

In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C.

That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling.
Image from mobile AC-130 Gunship Simulator apparently came from a YouTube trailer.
The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a trusted process.

Typically, malware that uses concealment techniques injects its code into a system process, e.g. explorer.exe.

But some samples employ other interesting methods. We're going to discuss one such type of malware.
A collection of Bluetooth implementation vulnerabilities known as BlueBorne has been released.

These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may, in the worst case, allow an unauthenticated attacker to perform commands on the device.
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.

For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper handling of an error condition may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data.