Critical Vulnerability Patched in Apache Struts

The Apache Struts web development framework has received new security updates to address a critical vulnerability that could allow attackers to compromise web applications and servers. Apache Struts is widely used for developing web applications in en… Continue reading Critical Vulnerability Patched in Apache Struts

Malicious App Infects 60,000 Android Devices – But Still Saves Their Batteries

A battery-saving app enables attackers to snatch text messages and read sensitive log data – but it also holds true to its advertising. Continue reading Malicious App Infects 60,000 Android Devices – But Still Saves Their Batteries

How the Rise of Cryptocurrencies Is Shaping the Cyber Crime Landscape: Blockchain Infrastructure Use

Introduction
Cyber criminals have always been attracted to cryptocurrencies
because it provides a certain level of anonymity and can be easily
monetized. This interest has increased in recent years, stemming far
beyond the desire to simply use cr… Continue reading How the Rise of Cryptocurrencies Is Shaping the Cyber Crime Landscape:
Blockchain Infrastructure Use

Domain Fronting – Tradecraft Security Weekly #18

Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN’s like Cloudfront to make it appear like normal Internet traffic. It is very difficult to detect and block for defenders as it appears as if clients on a network are connecting […]

The post Domain Fronting – Tradecraft Security Weekly #18 appeared first on Security Weekly.

Continue reading Domain Fronting – Tradecraft Security Weekly #18

Command & Control 101: Transports – Tradecraft Security Weekly #9

After an attacker is successful in getting a payload onto a system and getting it to run they still have to worry about whether there will be a successful connection out to a command and control server. There are a number of different transport mechanisms that can be utilized including direct TCP connections, pivoting through […]

The post Command & Control 101: Transports – Tradecraft Security Weekly #9 appeared first on Security Weekly.

Continue reading Command & Control 101: Transports – Tradecraft Security Weekly #9

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

The post That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say appeared first on Cyberscoop.

Continue reading That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say

Carbanak Using Google Services for Command and Control

Carbanak has surfaced again with new campaigns using Google hosted services such as Forms and Sheets as command and control channels. Continue reading Carbanak Using Google Services for Command and Control

Gdog – Python Windows Backdoor With Gmail Command & Control

Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server, it’s inspired by Gcat and pushes a little beyond a proof of concept with way more features. And don’t forget, Gcat also inspired Twittor – Backdoor Using Twitter For Command & Control. Features Encrypted transportation messages (AES) + SHA256…

Read the full post at darknet.org.uk

Continue reading Gdog – Python Windows Backdoor With Gmail Command & Control