Browsing tag
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. “Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know […]
Cybersecurity researchers have disclosed a now-patched security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage […]
New Adwind 3.0 RAT (Remote access Trojan) Evolving with new sophisticated capabilities, unlike old version it mainly attacks desktop version of Linux, Windows and Mac OSX using DDE code injection technique. Attackers are using weaponized Microsoft Office documents to compromise the targeted victims and also new capabilities that able to avoid detection by anti-virus software. This attack […]
Trickbot malware is one of the widely known Banking Trojan emerging again with sophisticated techniques to at target the various financial institutions and large bank to steal the banking credentials. The current version of Trickbot malware is spreading with a powerful code injection technique to evade the detection, anti-analysis technique and disable the security tools that run in […]
Linux Devices Vulnerable To Code Injection. The German Security Detective (Moskopp) can find an error code injection (bad taste – CVE-2017-11421) in the X-Thumbnail Thumbnailer which may allow an attacker to execute malicious code on Linux-oriented machines. There is a defect in the GNOME X thumbnailer, and the third thumbnailer is used by GNOME files, […]
TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async Procedure Calls (APC). Currently, this technique goes undetected by common security solutions that focus on preventing infiltration. Code injection has been a strong weapon in the hacker’s arsenal for many years. For background on code injection and its various […]