Tag: Hypertext Transfer Protocol (HTTP)

We confront hundreds of thousands of new threats every day and we can see that threat actors are on a constant lookout for new attack opportunities.

According to our research, connecting a software license management token to a computer may open a hidden remote access channel for an attacker.
A recently discovered Dridex campaign had a few peculiar characteristics, including the use of FTP instead of HTTP.
Hackers are exploiting three Microsoft Office vulnerabilities to spread the Zyklon HTTP malware.
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters in the HTTP requ...
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual...
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vuln...
Google removes four extensions that used infected computers in click fraud scheme.
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild.
In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago.
On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, ...
CPU hardware implementations are vulnerable to cache side-channel attacks.

These vulnerabilities are referred to as Meltdown and Spectre.

Happy IR in the New Year!

In IR cases we use a very simple script that is uploaded to every Windows computer in the corporate network to collect logs, NTFS data, entries from the Windows registry and strings from the binary files to find out how exactly the attackers were moving through the network.
It's holiday season and it is our pleasure to share this script with you.
In an earlier publication we noted that cybercriminals were making use of social engineering to install this sort of software on users' computers.

This time, we'd like to dwell more on how exactly the computers of gullible users start working for cybercriminals.