Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

CVE-2021-40903: GitHub - anselal/antminer-monitor: Cryptocurrency ASIC mining hardware monitor using a simple web interface

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.

CVE
Open in Source
#vulnerability#web#mac#windows#linux#git#backdoor#perl
China-linked APT Flew Under Radar for Decade

Evidence suggests that a just-discovered APT has been active since 2013.

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks

Play Store Apps Caught Spreading Android Malware to Millions

By Deeba Ahmed The apps were loaded with info-stealing malware that can extract victims’ Facebook credentials and download other software, etc.… This is a post from HackRead.com Read the original post: Play Store Apps Caught Spreading Android Malware to Millions

Threat Source newsletter (June 16, 2022) — Three top takeaways from Cisco Live

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  I’m still decompressing from Cisco Live and the most human interaction I’ve had in a year and a half.   But after spending a few days on the show floor and interacting with everyone, there are a... [[ This is only the beginning! Please visit the blog for the complete entry ]]

CVE-2017-20050: Full Disclosure: Axis Camera Multiple Vulnerabilities

A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component.

Stealthy Symbiote Linux malware is after financial institutions

Symbiote, the latest malware to hit Linux users, is a parasite more than anything. Protect against this banking credential stealer now! The post Stealthy Symbiote Linux malware is after financial institutions appeared first on Malwarebytes Labs.

Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users

By Deeba Ahmed A Chinese-speaking, technically skilled threat actor distributes backdoored applications to extract cash from victims in the newly discovered… This is a post from HackRead.com Read the original post: Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users

Chinese Threat Actor Employs Fake Removable Devices as Lures in Cyber Espionage Campaign

"Aoqin Dragon" has been operating since at least 2013, with targets including government and telecommunications companies in multiple countries.

How Can Security Partnerships Help to Mitigate the Increasing Cyber Threat?

Martyn Ryder from Morphean explains why forging trusted partnerships is integral to the future of physical security in a world of networks, systems, and the cloud.