Monthly Archives: January 2017
Protected US Military Server Poked Via Army Website
RVAsec 2017 Call for Presentations
Posted by Sullo on Jan 23
The CFP for RVAsec 2017 is underway!
____________________________________
RVAsec // June 8-9th, 2017 // Richmond, VA
RVAsec is a Richmond, VA based security convention that brings top industry
speakers to the mid-Atlantic region. In its fourth year, RVAsec 2016
attracted nearly 400 security professionals from across the country.
Talks must be 50 minutes in length, and submissions will need to select
from one of two tracks: business or…
CVE-2017-5182 (open_enterprise_server)
Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file via a specially crafted URL that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for Linux; it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, and OES11 SP2 before Maintenance Update 11077.
Spora, a Sophisticated New Ransomware, Detected in January
A few days ago, our colleagues at G-Data published an interesting analysis of Spora, a new ransomware that appeared in January. It had first been spotted by the people at ID Ransomware, and is mainly affecting Russia. A link was published in a forum detailing the analysis results of one of the samples sent by way of spam in VirusTotal. It is an HTA file that none of the engines present there detected, neither Panda Security, nor G-Data, nor any other.

Does this mean that the 53 participants in VirusTotal are unable to detect and block this new threat? Not at all. It means that at the time of the analysis nobody had bothered to write a signature to detect a file that, besides, is actually ephemeral. The important thing is to protect users and prevent them from becoming infected. If there is no other way to accomplish this than by creating a signature, there’s not much you can do about it. But at least for some of us this seems to be completely unnecessary in most cases, as in the present one.
Taking a look at the information in our cloud, we have observed and blocked Spora detections from the first moment, without having to create signatures for it. We can confirm that indeed most of the cases are in Russia, although we have also seen cases in Japan.

These are the different hashes that we’ve seen:
312445d2cca1cf82406af567596b9d8c
acc895318408a212b46bda7ec5944653
c1f37759c607f4448103a24561127f2e
c270cf1f2cfeb96d42ced4eeb26bb936
Always make sure to detect threats well in advance with a good cybersecurity solution such as Panda’s Adaptive Defense 360.
The post Spora, a Sophisticated New Ransomware, Detected in January appeared first on Panda Security Mediacenter.
Massive Twitter Botnet Dormant Since 2013
Researchers from the University College London have found a Twitter botnet of 350,000 bots that has been dormant since shortly after the accounts were registered.
Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug
It’s more than two and a half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive, as it appears that many organizations did not properly remediate the serious security glitch.
It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at
Brewing the perfect nano-beer

Time is of the essence as a memorable beer is needed for your weekend party. But while you really want to surprise and impress friends with your technical and culinary prowess, the brewing options are limited. From the top shelf, just buying a run-of-the-mill industrial brew 6-pack is out, especially that Anheuser-Busch InBev has gobbled […]
The post Brewing the perfect nano-beer appeared first on Avira Blog.
Source Code for another Android Banking Malware Leaked
More bad news for Android users: source code for another Android banking malware has been leaked online via an underground hacking forum.
This newly discovered banking Trojan is designed to steal money from bank accounts of Android devices’ owners by gaining administrator privileges on their smartphones.
Apparently, it will attract the attention of many cyber criminals who can recompile
CVE-2016-9870 (isilon_onefs)
EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 – 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 – 7.1.1.10, and EMC Isilon OneFS 7.1.0.x are affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.
