Found 4 bookmarks
Newest
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Fox-IT (part of NCC Group) has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure (DIVD). An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing webshells on vulnerable NetScalers to gain persistent access. The adversary can execute arbitrary commands with this webshell, even when a NetScaler is patched and/or rebooted. At the time of writing, more than 1900 NetScalers remain backdoored. Using the data supplied by Fox-IT, the Dutch Institute of Vulnerability Disclosure has notified victims.
#fox-it#EN#2023#CVE-2023-3519#citrix#NetScalers#backdoored
·blog.fox-it.com·
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Snake: Coming soon in Mac OS X flavour – Fox-IT International blog
Snake: Coming soon in Mac OS X flavour – Fox-IT International blog
Summary Snake, also known as Turla, Uroburos and Agent.BTZ, is a relatively complex malware framework used for targeted attacks. Over the past year Fox-IT has been involved in multiple incident response cases where the Snake framework was used to steal sensitive information. Targets include government institutions, military and large corporates. Researchers who have previously analyzed…
#fox-it#2017#EN#Snake#Turla#Uroburos#malware#framework#macos#OSX
·blog.fox-it.com·
Snake: Coming soon in Mac OS X flavour – Fox-IT International blog
Sharkbot is back in Google Play
Sharkbot is back in Google Play
Authored by Alberto Segura (main author) and Mike Stokkel (co-author) Introduction After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cleaner, now we have detected a new version of this dropper active in the Google Play and dropping a new version of Sharkbot.This new dropper doesn't…
#fox-it#EN#2022#sharkbot#SharkBotDropper#GooglePlay#antivirus#cleaner#fake
·blog.fox-it.com·
Sharkbot is back in Google Play
Sharkbot is back in Google Play
Sharkbot is back in Google Play
Authored by Alberto Segura (main author) and Mike Stokkel (co-author) Introduction After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cleaner, now we have detected a new version of this dropper active in the Google Play and dropping a new version of Sharkbot.This new dropper doesn't…
#fox-it#EN#2022#sharkbot#SharkBotDropper#GooglePlay#antivirus#cleaner#fake
·blog.fox-it.com·
Sharkbot is back in Google Play