Search cyberveille.decio.ch

MAR-10478915-1.v1 Citrix Bleed

This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR--Recipients may share this information without restriction. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction. For more information on the Traffic Light Protocol (TLP), see http://www.cisa.gov/tlp.

#cisa #EN #2023 #CitrixBleed #analysis #IoCs

·cisa.gov·Nov 21, 2023

MAR-10478915-1.v1 Citrix Bleed

MAR-10365227-3.v1 China Chopper Webshells

CISA analyzed 15 files associated with China Chopper malware. The files are modified Offline Address Book (OAB) Virtual Directory (VD) configuration files for Microsoft Exchange servers. The files have been modified with a variant of the China Chopper webshell. The webshells allow an attacker to remotely access the server and execute arbitrary code on the system(s).referenced in this bulletin or otherwise.

#uscert #csirt #cert #en #2022 #CISA #China #Chopper #malware #Analysis

·cisa.gov·Oct 5, 2022

MAR-10365227-3.v1 China Chopper Webshells

MAR-10365227-2.v1 HyperBro

CISA analyzed 4 files associated with HyperBro malware. The files creates a backdoor program that is capable of uploading and downloading files to and from the system. The RAT is also capable of logging keystrokes and executing commands on the system.

#uscert #csirt #cert #CISA #HyperBro #malware #Analysis #RAT #EN #2022

·cisa.gov·Oct 5, 2022

MAR-10365227-2.v1 HyperBro

MAR-10365227-3.v1 China Chopper Webshells

CISA analyzed 15 files associated with China Chopper malware. The files are modified Offline Address Book (OAB) Virtual Directory (VD) configuration files for Microsoft Exchange servers. The files have been modified with a variant of the China Chopper webshell. The webshells allow an attacker to remotely access the server and execute arbitrary code on the system(s).referenced in this bulletin or otherwise.

#uscert #csirt #cert #en #2022 #CISA #China #Chopper #malware #Analysis

·cisa.gov·Oct 5, 2022

MAR-10365227-3.v1 China Chopper Webshells

MAR-10365227-2.v1 HyperBro

CISA analyzed 4 files associated with HyperBro malware. The files creates a backdoor program that is capable of uploading and downloading files to and from the system. The RAT is also capable of logging keystrokes and executing commands on the system.

#uscert #csirt #cert #CISA #HyperBro #malware #Analysis #RAT #EN #2022

·cisa.gov·Oct 5, 2022

MAR-10365227-2.v1 HyperBro