Zero-Day Exploit in WinRAR File
August 19 2025
A zero-day vulnerability in WinRAR is being exploited by at least two Russian criminal groups:
The vulnerability seemed to have super Windows powers. It abused alternate data streams,...
Trojans Embedded in .svg Files
August 15 2025
Porn sites are hiding code in .svg files:
Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version...
Google Sues the Badbox Botnet Operators
July 23 2025
It will be interesting to watch what will come of this private lawsuit:
Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which...
New Mobile Phone Forensics Tool
July 18 2025
The Chinese have a new tool called Massistant.
- Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya...
Ubuntu Disables Spectre/Meltdown Protections
July 2 2025
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution...
Slopsquatting
April 16 2025
As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names—laced with malware, of course. EDITED TO ADD (1/22): Research...
TP-Link Router Botnet
March 14 2025
There is a new botnet that is infecting TP-Link routers:
The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware...
Thousands of WordPress Websites Infected with Malware
March 10 2025
The malware includes four separate backdoors:
Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen...
Delivering Malware Through Abandoned Amazon S3 Buckets
February 12 2025
Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software...