New RAT malware evades detection using JavaScript code embedded in HTML receipt files instead of downloading an ISO file from remote servers

Cybersecurity specialists report the detection of a new phishing campaign that delivers the AsyncRAT Trojan hidden in an HTML attachment. This malware allows threat actors to monitor affected systems and even control them remotely through an encrypted connection that victims cannot detect. The infection starts with a simple email containing an HTML […]

14 New Vulnerabilities Uncovered In Linux Powered Embedded Devices

On Tuesday 14, cybersecurity researchers from Claroty and JFrog detected 14 new vulnerabilities in the BusyBox Linux utility. BusyBox is one of the most extensively used Linux software suites, and several of the world’s leading operational technology (OT) and Internet of Things (IoT) devices use it. These vulnerabilities could be exploited to […]

25 BadAlloc vulnerabilities affect BlackBerry QNX RTOS used by over 195 million vehicles and embedded systems in different industries. Patch quickly

In a security report, BlackBerry announced that its QNX Real Time Operating System (RTOS) is affected by a vulnerability known as BadAlloc. Tracked as CVE-2021-22156, this set of flaws could be exploited by remote threat actors to launch denial of service (DoS) attacks and achieve remote code execution. QNX RTOS is used in a wide range […]

TheTick – A simple embedded Linux backdoor

A simple embedded Linux backdoor. Compiling: The Tick depends only on libcurl, so make sure you have the corresponding development package. For example, on Debian-based distributions you would do the following:
    sudo apt-get install libcurl-dev
Once the dependencies are installed, just run the makefile:
    cd src
    make clean
    make
Once the “make” command has […]

Google to Block Sign-ins from Embedded Browser Frameworks

In a bid to improve its phishing protections and to protect users from MITM attacks, Google has made a new move: a decision to block user sign-ins from embedded browser frameworks. GBHackers on Security reports, “Google announced a new security update to block users sign-in using Embedded browser frameworks in order to improve […]

Google To Ban Embedded Browser Logins To Stop Man-In-The-Middle Attacks

Google will ban logins from embedded browser frameworks, starting June 2019. The reason is the increased risk of phishing through man-in-the-middle attacks. In this attack, the conversation between two parties is intercepted by an unknown third party, who can change its content. Users are most vulnerable to man-in-the-middle attacks when they log in […]

Microsoft Patents Touch Sensor Embedded Fabrics For Surface Devices

According to a patent application, Microsoft’s next-gen Surface devices might include smart fabrics on the back, which would offer standard functionality like swiping gestures, changing volume and more. Under the patent titled “Forming Touch Sensor on Fabric”, Microsoft says that it will be adding touch sensors on many of its handheld devices including Surface, HoloLens and […]

Routersploit – A Free Framework for Exploiting Embedded Devices

Routersploit is an open source framework used for exploiting vulnerabilities in embedded devices like routers. Routersploit is loaded with various modules that help the tool perform its functionality. These modules can be divided into the following categories. (a) Scanner Modules: Scanner modules are responsible for finding the vulnerabilities in the routers or embedded devices. (a) […]

Patching DoublePulsar to Exploit Windows Embedded Machines

During one of my engagements, I discovered some Windows devices that were affected by the MS17-010 vulnerability. One of these devices caught my attention as it’s something I haven’t encountered yet – a Windows Embedded operating system. Since it’s vulnerable to MS17-010, I immediately tried the relevant Metasploit modules. However, none of them worked. All I got was just […]

What happened after the US moved to chip-embedded payment cards?

Card-Not-Present fraud is still a problem, however. The US began its transition to chip-based credit cards in earnest in October 2015, after high-profile credit card hacks in the previous years at Target, Home Depot, Michaels, and other big-box retailers. Today, although only 59 percent of US storefronts have terminals that accept chip cards, fraud has dropped […]

Hackers Spreading Cryptocurrency Mining Scripts via Videos Embedded in MS Office Word Documents

Microsoft Word documents are being abused through phishing videos with embedded cryptocurrency-mining scripts: victims are tricked into watching an “innocent” video that leads to a cryptojacking attack on the victim’s PC. Hackers are always finding new malicious ways to mine cryptocurrency by abusing various legitimate platforms. Usually, browser-based cryptocurrency mining is performed by injecting a cryptojacking script and once […]

Google might block embedded cryptocurrency mining with new Chrome feature

Google Aims to Put an End to Secret Cryptojacking by Making In-Browser Permissions Necessary. In-browser cryptocurrency mining has become the latest obsession among website operators, as it is seen as the perfect alternative to display ads. However, the point of debate is that these miners are being deployed without asking or informing users. On […]

Beware: Malicious Payload “Hworm” Dropped Through Embedded YouTube Videos

Malware called Hworm performs multiple attacks through its backdoor, including stealing passwords from Firefox, Opera, and Chrome browsers, logging keystrokes, killing running processes, and capturing the screen. This malware was initially identified in June 2016 and has been kept under observation by researchers as it continued to emerge day by day. According to […]

Locky now using Embedded RSA Key instead of contacting Command & Control Servers

According to security researcher Timothy Davies, a new version of the Locky Ransomware, aka Zepto, that includes an embedded RSA key has been circulating since around September 5th, 2016. This key allows Locky to encrypt a victim’s computer without having to contact their Command & Control server. As many system administrators block Command & Control servers on their […]

Double-click me not: Malicious proxy settings in OLE Embedded Script

Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant investments in hardening and exploit mitigations in Windows. Tricking a user into running a malicious file or malware can be cheaper for an attacker than building an exploit which works on Windows 10. In our previous blog, Where’s the […]

Hidden Voice Commands Embedded in YouTube Videos Can Hijack Your Smartphone

Some attacks are hard to spot even by human subjects. A series of distorted voice commands surreptitiously hidden in YouTube videos can force unprotected Android or iOS smartphones to carry out malicious operations, researchers have discovered. Controlling smartphones with voice commands was already done last year when two security researchers from French agency ANSSI used […]

PNG Embedded – Malicious payload hidden in a PNG file

One of the most complex tasks for cybercriminals is to ensure their malicious code goes undetected by antivirus and achieves its goal. For this, they have invested heavily in more complex infection processes, going beyond traditional phishing and using techniques where the malicious payload is hidden in encrypted files – even using […]

Embedded Devices Share, Reuse Private SSH Keys, HTTPS Certificates

Researchers have found that thousands of Internet gateways, routers, modems and other embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks that open the door to more extensive intrusions that jeopardize encrypted data. This type of certificate reuse and sharing of SSH keys is apparently all too common among connected […]

Banking Malware Delivered via Macro in PDF Embedded Word Document

Delivering banking malware through Microsoft Word documents has been a less common method. However, it is currently being used for spreading malicious macros and PDF files in a single item, according to Avast experts. Researchers at Avast have identified that the previously less common method of spreading banking malware has suddenly increased. They further noted […]