Monthly Archives: March 2021


Purple Fox Malware Evolves With Worm Capabilities

The Windows malware called Purple Fox has evolved to include worm capabilities. In the past, Purple Fox targeted Windows machines through various attack methods such as phishing and exploits.

Guardicore Labs revealed that Purple Fox can now breach Windows machines through SMB brute-force attacks. The Purple Fox malware compromises various IIS 7.5 servers to push rootkits, which then allow Purple Fox to hide itself within the Windows machine.

Once the payload is deployed, an MSI installer launches.

“The installer pretends to be a Windows Update package along with Chinese text which roughly translates to ‘Windows Update’ and random letters,” Guardicore Labs explained. “These letters are randomly generated between each different MSI installer to create a different hash and make it a bit difficult to tie between different versions of the same MSI.”

“This is a ‘cheap’ and simple way of evading various detection

Read the rest

Three Linux vulnerabilities provided root access to hackers since 2006

Three vulnerabilities in the Linux iSCSI module, which is used for accessing shared data storage, have provided a path to root access since 2006. These flaws could allow root access to any hacker with a user account.

The three vulnerabilities – CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365 – had been in the Linux code since 2006, going unnoticed until researchers from GRIMM discovered them.

Adam Nichols, Software Security Principal at GRIMM, said, “If you already had execution on a box, either because you have a user account on the machine, or you’ve compromised some service that doesn’t have repaired permissions, you can do whatever you want basically.”

The flaws “are in code that isn’t remotely accessible, so this isn’t like a remote exploit,” said Nichols. However, they can take “any existing threat that might be there. It just makes it that much worse,” he explained. “And if you have users on the system

Read the rest

Microsoft released one-click solution for Exchange Vulnerability

To combat the severe vulnerability facing Exchange servers, Microsoft has released a one-click solution to help server administrators mitigate the problem.

Microsoft stated, “We realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server.”

RiskIQ has reported that over 80,000 servers are still vulnerable. Microsoft decided to take action and create a solution to mitigate the problem more quickly. The one-click application should resolve the issues with Exchange Server 2013, 2016 and 2019.

You can find the download and more details on Microsoft’s Security Response Center.

Read the rest


Has your computer been hijacked with cryptojacking?

There are many ways that hackers can use your computer to make themselves money, and cryptojacking is one of them. The worst part is that if you don’t have proper security in place, you won’t even know that you’re infected.

What is Cryptojacking?

The term cryptojacking refers to the unauthorized use of someone’s computer for mining cryptocurrency, for example bitcoin. Cryptojacking is a big deal because the hackers are stealing your computing power and making your systems slower. All the computing power they use up will have a tangible effect on your power consumption and could cost you double on your power bill.

How does Cryptojacking work?

There are a few ways you can become infected by cryptojacking.

  1. Hackers can send you an email and trick you into clicking the link that loads the malicious software on your computer.
  2. Hackers can compromise a website or an

Read the rest
