Browsing tag

Bootkit

New FinSpy Malware Variant Infects Windows Systems With UEFI Bootkit

Commercially developed FinFisher surveillanceware has been upgraded to infect Windows devices using a UEFI (Unified Extensible Firmware Interface) bootkit that leverages a trojanized Windows Boot Manager, marking a shift in infection vectors that allows it to elude discovery and analysis. Detected in the wild since 2011, FinFisher (aka FinSpy or Wingbird) is a spyware toolset […]

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant a persistent backdoor on a wide range of devices used in enterprise and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or 😾😾😾, the vulnerability, discovered by researchers from the security firm Red Balloon and identified as CVE-2019-1649, affects multiple Cisco products […]

This New “Underminer” Exploit Kit Is Delivering Up Malware To Asia

Malware researchers at Trend Micro just discovered a new exploit kit they have dubbed “Underminer,” which delivers a bootkit that infects a system’s boot sectors. They have also uncovered a cryptocurrency miner called “Hidden Mellifera.” A blog post authored by the Trend Micro Cyber Safety Solutions Team gives analytical details about the exploit. […]

Dangerous Underminer Exploit Kit Delivers a Cryptocurrency-mining Malware and Bootkit

A new exploit kit dubbed Underminer is spreading through advertising servers, delivering a bootkit that affects system boot sectors along with the cryptocurrency-mining malware called Hidden Mellifera. Underminer secures its malware transfers through an encrypted transmission control protocol (TCP) channel and packs the malware as read-only filesystem ROM files. Security researchers from Trend Micro detected the Underminer’s […]

“Nemesis” malware hijacks PC’s boot process to gain stealth, persistence

Bootkit targeting banks and payment card processors is hard to detect and remove. Malware targeting banks, payment card processors, and other financial services has found an effective way to remain largely undetected as it plucks sensitive card data out of computer memory. It hijacks the computer’s boot-up routine in a way that allows highly intrusive code […]