Security Affairs

APRIL 29, 2020

The discovery urges Apple into implementing additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries. Multimedia processing libraries are used by the modern mobile OS to automatically manage multimedia files (i.e. images, audio, and videos).

Libraries 113

Libraries Paper Security Cybersecurity 113

Security Affairs

APRIL 14, 2020

The two RCE flaws in Windows, tracked as CVE-2020-1020 and CVE-2020-0938 , are related to the Adobe Type Manager Library. In March, Microsoft warned of hackers exploiting the two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library, both issues impact all supported versions of Windows.

Libraries 99

Libraries Authentication Security Risk 99

Security Affairs

APRIL 30, 2020

” reads the analysis published by Cybereason. Most recent versions of EventBot also include a ChaCha20 library that can improve performance, but it is not currently being used, a circumstance that suggests authors are actively working to optimize EventBot. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Financial Services 107

Financial Services Libraries Encryption Authentication 107

Security Affairs

SEPTEMBER 24, 2020

” reads the analysis published by CheckPoint. The vulnerability ties on how Instagram uses third-party libraries for image processing, in particular, the open-source JPEG decoder Mozjpeg. “Our blog post describes how image parsing code, as a third party library, ends up being the weakest point of Instagram’s large system.

Access 116

Access Libraries Communications IT 116

CILIP

SEPTEMBER 2, 2020

Data science has a wide range of applications within the information profession, from working alongside researchers in the discovery of new knowledge, to the application of business analytics for the smoother running of a library or library services.

Data science 52

Data science Access Libraries Analytics 52

Security Affairs

AUGUST 10, 2018

The experts focused their analysis on the code reuse, past investigations revealed that some APT groups share portions of code and command and control infrastructure for their malware. In defining similarities, we take into account only unique code connections, and disregard common code or libraries. ” states the report.

Libraries 44

Libraries Ransomware Security Access 44

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government 136

Government Libraries Cybersecurity Phishing 136

Security Affairs

JUNE 9, 2019

The focused their analysis on the Spiservice service listening on post 8043. The SpiService.exe is associated with XFS, the Extension for Financial Services DLL library (MSXFS.dll) that is specifically used by ATMs.” “The library provides a special API for the communication with the ATM’s PIN pad and the cash dispenser.”

Libraries 91

Libraries Communications Financial Services Risk 91

Security Affairs

FEBRUARY 21, 2019

The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially-crafted file archive. The issue affects a third-party library, called UNACEV2.DLL The flaw resides in the way an old third-party library, called UNACEV2.DLL, dll library in 2005.

Libraries 94

Libraries Archiving Security IT 94

Security Affairs

MARCH 3, 2020

Technical Analysis. The “ AutoUpdate.dll” library then gains persistence by setting the following registry key “ HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnceWindowsDefender ”. This task can be executed using the Tool Help Library Windows API family using CreateToolhelp32Snapshot() , Process32First() , and Process32Next() API.

IT 126

IT File names Libraries Communications 126

Security Affairs

FEBRUARY 15, 2019

The malicious Monero (XMR) Coinhive cryptomining scripts were delivered leveraging the Google’s legitimate Google Tag Manager (GTM) library. ” reads the analysis published by Symantec. The analysis of the network traffic associated with the apps allowed the researchers to find the hosting server for each app.

Mining 89

Mining Libraries Analytics Security 89

Security Affairs

MARCH 28, 2020

dll (file version 3.5.15.20) library that doesn’t properly validate user-supplied data sent to the web server URL endpoint. ” reads the analysis published by Tenable. 0xffffffff) via a WEB_CLIENT_OPENCONNECTION message sent to the CmpWebServerHandlerV3 component: |foo|-1|true|” continues the analysis.

Libraries 115

Libraries Communications IT Security 115

Security Affairs

APRIL 3, 2019

Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. The two loaders discovered by Cylance and used by the APT group use side-loaded DLLs and an AES128 implementation from Crypto++ library for payload decryption.

Libraries 77

Libraries Encryption Communications Manufacturing 77

Security Affairs

MAY 11, 2019

” reads the analysis published by Cisco Talos. SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” The flaw, tracked as CVE-2019-5018 affects SQLite 3.26.0,

Libraries 98

Libraries Security IT 98

Security Affairs

FEBRUARY 22, 2020

” reads the analysis published by CheckPoint. “The Haken clicker utilizes native code and injection to Facebook and AdMob libraries while communicating with a remote server to get the configuration.” ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Libraries 128

Libraries Communications IT Security 128

Security Affairs

APRIL 16, 2019

Cyber security firm FireEye announced the release of FLASHMINGO, a new open source tool designed to automate the analysis of Adobe Flash files. FireEye released FLASHMINGO , a new open source tool designed to automate the analysis of Adobe Flash files. FLASHMINGO leverages the open source SWIFFAS library to parse Flash files (SWF).

Libraries 80

Libraries Security IT 80

Security Affairs

AUGUST 27, 2019

The module was hidden in a 3rd-party advertising library that the author of the app recently was introduced. “After analyzing the app, we saw an advertising library in it that contains a malicious dropper component. ” reads the analysis published by Kaspersky. ” reads the analysis published by Kaspersky.

IT 97

IT Libraries Encryption Security 97

Security Affairs

NOVEMBER 5, 2020

Dynamic-link library (DLL) side-loading takes advantage of how Microsoft Windows applications handle DLL files. ” reads the analysis published by Sophos. ” continues the analysis. . ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

File names 109

File names Encryption Libraries IT 109

Security Affairs

NOVEMBER 24, 2019

The analysis of the logs for sale in the underground community allowed the experts to estimate that Raccoon infected over 100,000 users worldwide at the time of its discovery. ” reads the analysis published by Cofense. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Libraries 84

Libraries Sales Phishing IT 84

Security Affairs

NOVEMBER 3, 2020

The zero-day flaw was discovered on October 29, 2020 by Google white-hat hacker Samuel Groß of Google Project Zero and Clement Lecigne of Google’s Threat Analysis Group. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. Pierluigi Paganini.

Libraries 108

Libraries Security IT Access 108

Security Affairs

SEPTEMBER 12, 2018

” reads hte analysis published by Trend Micro. ” Experts warn of its ability to bypass static analysis methods due to the combined use of Inno Setup Installer and PyInstaller. . exe will drop malware components — several C++ and Python libraries and the Python 2.7 ” states the report. Pierluigi Paganini.

Ransomware 86

Ransomware Libraries Encryption Archiving 86

Security Affairs

MAY 9, 2020

The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. ” reads the analysis published by the researchers. “Both Mac and Linux variants use the WolfSSL library for SSL communications. ” continues the report.

Libraries 87

Libraries Communications Encryption Authentication 87

Security Affairs

OCTOBER 11, 2019

“The Open Hardware Monitor library provides a signed kernel driver named “WinRing0,” which is extracted and installed during runtime.” ” reads the analysis published by the experts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the security advisory published by HP.

Analytics 79

Analytics Libraries Security Access 79

National Archives Records Express

NOVEMBER 3, 2022

In 2014, NARA launched an effort to rethink the Electronic Records Archive (ERA) system to modernize the processing and preservation of electronic records, both born-digital and digitized. Success of the Strategy depends upon ongoing analysis of the numbers and types of file formats across all NARA’s electronic records collections.

Digital preservation 98

Digital preservation Archiving Access Libraries 98

Security Affairs

DECEMBER 2, 2019

In the above solutions, privileged processes were attempting to load libraries that are not present at the expected location, allowing the attackers to place their own libraries and get them executed. ” reads the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Libraries 64

Libraries Authentication Security IT 64

Security Affairs

MAY 12, 2020

The malware achieves persistence by adding a Run key to the Windows Registry, it can come in two different formats, an executable file or a dynamic link library (DLL). ” reads the analysis published by IBM. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Libraries 96

Libraries Sales Government IT 96

Security Affairs

NOVEMBER 21, 2019

” reads the analysis published by 360 Netlab. One of the addresses disguised the Bot sample as a Google font library “ roboto. ” reads the analysis. Additional technical details such as IoCs are included in the analysis published by the experts. ttc “, so we named the Botnet Roboto.”

Honeypots 80

Honeypots Systems administration Passwords IoT 80

Security Affairs

MARCH 6, 2019

The vulnerability was discovered late February by Clement Lecigne, a security researcher at the Google Threat Analysis Group. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.” Pierluigi Paganini.

Libraries 110

Libraries Security Access 110

Security Affairs

MAY 10, 2020

“Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.” Researchers also included Indicators of Compromise (IoCs) in the analysis they have published. Pierluigi Paganini.

Mining 86

Mining Libraries Access Encryption 86

Security Affairs

MAY 20, 2019

” reads the analysis published by Chronicle. “Analysis of these larger convoluted clusters is ongoing. ” The technical analysis of the Linux version of Winnti backdoor revealed the presence of two files, the main backdoor (libxselinux) and a library (libxselinux.so) used to avoid the detection. .”

Healthcare 94

Healthcare Communications Libraries Access 94

Security Affairs

MAY 5, 2020

This flaw was discovered by Bernd Edlinger and reported to OpenSSL on 7th April 2020, the researchers found the issue by using the new static analysis pass being implemented in the GNU Compiler Collection (GCC) static code analyzer. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Libraries 103

Libraries Cybersecurity Security IT 103

Security Affairs

JULY 13, 2019

Backdoor mechanism found in Ruby strong_password library. Spotting RATs: Delphi wrapper makes the analysis harder. Prototype Pollution flaw discovered in all versions of Lodash Library. UK ICO proposes a $123 million fine for Marriott 2014 data breach. Cyberattack shuts down La Porte County government systems.

Security 51

Security Libraries Data breaches Ransomware 51

Security Affairs

SEPTEMBER 12, 2019

This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” ” reads the analysis published by Secureworks. The landing page appears to be identical or quite similar to the spoofed library resource. and Switzerland.

Phishing 79

Phishing Libraries File names Metadata 79

Security Affairs

SEPTEMBER 27, 2019

The experts discovered that the Magecart hackers are able to inject credit card skimmer into a popular open-source JavaScript library that websites use to ensure wide compatibility with mobile browsing. ” reads the analysis published by IBM.”By ” reads the analysis published by IBM.”By Pierluigi Paganini.

Libraries 68

Libraries Access IT Security 68

Security Affairs

JUNE 2, 2019

. “To confound detection, its operators recently started using PowerShell scripts that provide direct, in- memory loading and execution of malware executables and libraries. The PowerShell scripts used by Turla in recent attacks allow direct, in-memory loading and execution of malicious executables and libraries avoiding detection.

Libraries 96

Libraries Cloud Security Cybersecurity 96

Security Affairs

FEBRUARY 1, 2019

Technical analysis. The analysis of this binary is reported in the next paragraph (see “DLL Analysis”). It’s interesting to notice it calls some “non-library” functions; functions loaded from the previously referenced dll file. DLL Analysis. Figure 11 – Static analysis on DLL. Table 3 – DLL information.

Libraries 84

Libraries Phishing Security IT 84

Security Affairs

APRIL 14, 2020

” reads the analysis published by PaloAlto Networks. ” The messages use a weaponized rich text format (RTF) attachment that exploits the CVE-2012-0158 buffer overflow in Microsoft’s ListView / TreeView ActiveX controls in MSCOMCTL.OCX library. .” ” continues the analysis. Pierluigi Paganini.

Ransomware 114

Ransomware Phishing File names Encryption 114