Yahoo Hacked Once Again! Quietly Warns Affected Users About New Attack

Has Yahoo rebuilt your trust again?

If yes, then you need to think once again, as the company is warning its users of another hack.

Last year, Yahoo admitted two of the largest data breaches on record. One of them, which took place in 2013, disclosed personal details associated with more than 1 billion Yahoo user accounts.

Well, it’s happened yet again.
Yahoo sent out another

New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

Security researchers have discovered new Mac malware allegedly developed by the APT28 Russian cyber espionage group, which is believed to be responsible for the 2016 presidential election hacking scandal.

A new variant of the X-Agent spyware, which has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices, is now targeting Apple macOS systems.

The malware is designed to

pcre-8.40-2.fc24

This release fixes pcregrep multi-line matching with the --only-matching option, a crash when JIT-compiling some patterns (CVE-2017-6004) and a possible buffer overflow when formatting a pcregrep error message.

QNAP QTS 4.2.x multiple vulnerabilities

Posted by Harry Sintonen on Feb 15

QNAP QTS 4.2.x multiple vulnerabilities
=======================================
The latest version of this advisory is available at:
https://sintonen.fi/advisories/qnap-qts-42-multiple-vulnerabilities.txt

Overview
--------

QNAP QTS firmware contains Missing Transport Layer Security (CWE-319),
Improper Certificate Validation (CWE-295), Command Injection (CWE-77),
Cross-Site Scripting (CWE-79) and Information Exposure (CWE-200)
vulnerabilities…

Suricata IDS – IPv4 evasion

Posted by Jérémy BEAUME on Feb 15

Here are the details of the (patched) IPv4 evasion I found in Suricata IDS/IPS:

# Software
Suricata IDS/IPS
website : https://suricata-ids.org/
editor : Open Information Security Foundation (OISF) https://oisf.net/

# Impacted version

3.2.x before 3.2.13.13
3.1.3 and before

All execution modes are impacted: nfqueue, af-packet, …

# Vulnerability description

Suricata did not use the IP protocol field value to identify
fragments from a same…

CVE-2017-5344 : dotCMS Blind Boolean SQL Injection in dotCMS <= 3.6.1

Posted by Ben N on Feb 15

# Blind Boolean SQL Injection in dotCMS <= 3.6.1 (CVE-2017-5344)

## Product Description

dotCMS is a scalable, Java-based, open source content management system
(CMS) that has been designed to manage and deliver personalized, permission
based content experiences across multiple channels. dotCMS can serve as the
platform for sites, mobile apps, mini-sites, portals, intranets or as a
headless CMS (content is consumed via RESTful APIs). dotCMS is…