Remove 01
Remove 2019 Remove Data Remove Information Security Remove Security
article thumbnail

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. CVE-2019-0344 is a deserialization of untrusted data vulnerability.

Cloud 117
article thumbnail

Google addresses over 70 flaws in Android, including a remotely exploitable issue

Security Affairs

Google’s March 2020 security updates for Android address over 70 flaws, including a critical vulnerability that affects the media framework. . Google’s March 2020 security updates for Android include the fix for a critical vulnerability, tracked as CVE-2020-0032, that affects the media framework as part of the 2020-03-01 security patch level.

Security 127
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

article thumbnail

Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker

Security Affairs

List of some baking campaigns this Brazilian threat group has performed in Portugal: 13/03 – Novo Banco Trojan-Banker 12/03 – Caixa Geral Depósitos 13/02 – Millennium BCP e Montepio 20/01 – Montepio e Millennium BCP 14/01 – Santander e Novo Banco 12-2019/01-2020: Lampion Trojan (…). Pierluigi Paganini.

article thumbnail

SystemBC, a new proxy malware is being distributed via Fallout and RIG EK

Security Affairs

The use of SOCKS5 proxies was observed several times by malware researchers, it allows to avoid detection bypassing security measures that identify malicious traffic. The experts spotted a variant of the SystemBC proxy malware while analyzing a Fallout EK campaign on June 4, 2019 that was deliveriing the Danabot banking Trojan.

article thumbnail

Brazilian trojan banker is targeting Portuguese users using browser overlay

Security Affairs

One of the last occurrences was last December 2019, where the Lampion trojan operated in a very similar way, changing only the way the malware was distributed (via AWS S3 buckets and with the first stage encoded in a highly obfuscated VBS file). After that, the infected computer is restarted to make the trojan persistent.

article thumbnail

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. Technical Analysis.