Thursday, August 17, 2017

Tag: Malicious Code

In July 2017, during an investigation, suspicious DNS requests were identified in a partner's network.

The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.

Take 'em off the network, docs told, until 2015 patches arrive

Hackers can exploit trivial flaws in network-connected Siemens' medical scanners to run arbitrary malicious code on the equipment.…

Lookalike npm packages grabbed stored credentials

A two-week-old campaign to steal developers' credentials using malicious code distributed through npm, the Node.js package management registry, has been halted with the removal of 39 malicious npm packages.…

Toolmaker phished, Google account pwned, malicious code pushed out – and now fixed

A popular Chrome extension was hijacked earlier today to inject ads into browsers, and potentially run malicious JavaScript, after the plugin's creator was hacked.…

As platform's popularity continues to rise, so does its allure to miscreants

The comforting notion that iOS devices are immune to malicious code attacks has taken a knock following the release of a new study by mobile security firm Skycure.…

No Free Pass for ExPetr

Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won't write the special malicious code which encrypts the MFT to MBR.
Some have even speculated that some kind of conspiracy might be ongoing.…

I've been monitoring Google Play Store for new Ztorg Trojans since September 2016, and have so far found several dozen new malicious apps.

All of them were rooting malware that used exploits to gain root rights on the infected device.
In May 2017, a new Ztorg variant appeared on the Google Play Store – only this time it wasn't a rooting malware but a Trojan-SMS.

“Stack Clash” poses threat to Linux, FreeBSD, OpenBSD, and other OSes.
Ongoing campaign shows more hackers are adopting sneaky attack technique.

Ringleader passes 30 per cent of earnings to their stooges

Security researchers have discovered a ransomware variant that targets Macs rather than Windows PCs.…

OBD-II devices are used to provide telematics information for managers of fleets of vehicles. One type of device, manufactured by CalAmp, has an SMS (text message) interface. We have found multiple deployments where no password was configured for this interface by the integrator/reseller.

Companies using the CalAmp hardware should be aware that they need to set a password or disable SMS.
Vendors were notified and the SMS interface was disabled or password-protected by all vendors known to be affected.