by CIRT Team
Linux Vulnerability Hits CentOS, Debian, and Red Hat Distros [latesthackingnews]
Researchers have discovered a critical vulnerability that allegedly affects multiple Linux distros. The vulnerability named Mutagen Astronomy allows an attacker to gain complete control of a targeted system through root access. This Linux vulnerabilityadversely impacts all current versions of Red Hat, Debian, and CentOS distributions. Mutagen Astronomy – Vulnerability Giving Root Access To Hackers Researchers at Qualys have discovered a critical security vulnerability that adversely affects...
Read More
by CIRT Team
GhostDNS: New Botnet Hijacked Over 100,000 Routers [source: thehackernews]
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings on an infected device, allowing attackers to route the users’...
Read More
by CIRT Team
Detecting ‘deepfake’ videos in the blink of an eye [source: theconversation]
A new form of misinformation is poised to spread through online communities as the 2018 midterm election campaigns heat up. Called “deepfakes” after the pseudonymous online account that popularized the technique – which may have chosen its name because the process uses a technical method called “deep learning” – these fake videos look very realistic. So far, people have used deepfake videos in pornography and...
Read More
by CIRT Team
GlobeImposter use new ways to spread to the globe [source: 360totalsecurity]
Recently, there have been many incidents of ransomware attacks. Once users are infected by ransomware, it is almost impossible to decrypt it by technical means that users can only be forced to abandon data or pay ransom to solve. Therefore, unlike other virus Trojans, the “pre-defense strategy” is different from the “after-the-fact killing strategy”. Today, we would like to make a brief summary of the...
Read More
by CIRT Team
Recent Windows zero-day vulnerability is exploited with Google Chrome [source: 360totalsecurity]
A few days ago, an elevation of privilege vulnerability in Windows was exposed, but only two days later, an organization called Powerpool was eyeing this vulnerability, and also produced a Trojan. Even though the Trojan is produced in a very short period, its attack power is still significant. Once the computer is attacked, the attacker can intercept the user’s screen to upload and download files,...
Read More
by CIRT Team
KomarMiner, a cryptomining Trojan disguising as cracking software [360totalsecurity]
Recently, 360 Security Center monitored a kind of malicious mining Trojans disguising as all kinds of commonly used cracking software for big spread. At present, it has already supported defense against killing and killing. It is recommended that users do not download various software with unknown origins. Download the software as far as possible to the official website. Analysis KomarMiner Trojan disguises as a variety...
Read More
by CIRT Team
WordPress phishing scam targets the database credentials of the users [source: 360totalsecurity]
Recently, there has been a phishing email for WordPress users. The content of the email is to inform the users that their database needs to be updated, as shown in the figure below: Although the email is similar to a legitimate WordPress update, there are still a number of vulnerabilities: the content contains typos and the message delivery method is older. The deadlines marked in...
Read More
by CIRT Team
MikroTik Routers Are Forwarding Owners’ Traffic to the Attackers [source: netlab.360]
2018-09-05 11:00 GMT+8, with the generous help from the AS64073, 103.193.137.211 has been promptly suspended and is no longer a threat. Overview MikroTik is a Latvian company founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in countries around the world. In 1997, MikroTik created the RouterOS software system. In 2002, MikroTik decided to build...
Read More
by CIRT Team
Copying v Dragging a file to an OS X Disk Image [source: ThinkDFIR]
Had a need to do some quick testing on different operations on OS X 10.10.5 (Yosemite) and thought I’d share. Created a new disk image, and then copied an existing file into it. Then created a new file, and dragged that into the disk image. Here is what we may found! Action Plan Copy Existing File I had a file which had some text in...
Read More
by CIRT Team
Apple iPhone “Significant Locations” [source: prodigital4n6]
Where & What Are “Significant Locations” The first step is to identify where and what “Significant Locations” are. The artifact is available to view on the device at Settings>Privacy>Location Services>System Services>Significant Locations. If location services are turned OFF, the significant locations data will not be logged and therefore unavailable. Interestingly, to access Significant Locations on the device, the passcode or Touch ID must be...
Read More
