By Augusto Remillano II and Jemimah Molina We discovered a new Mirai variant (detected as  IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers which we have not observed exploited by past Mirai variants. This discovery is a new addition to the Mirai variants that appeared in the past

Researchers have found a way to bypass one of the mitigations proposed by F5 Networks for the actively exploited BIG-IP vulnerability, but malicious hackers leveraged the bypass method before its public disclosure.F5’s BIG-IP application delivery controller (ADC), specifically its Traffic Management User Interface (TMUI) configuration utility, is affected by

The authors of the Purple Fox EK have integrated two new exploits for Microsoft vulnerabilities to the Purple Fox EK. The Purple Fox EK continues to be improved by its authors that implemented two new exploits for Microsoft critical- and high-severity Microsoft vulnerabilities. The Purple Fox EK appears to have been built to replace the notorious RIG e

The developers of the Purple Fox exploit kit (EK) have added two new exploits to their arsenal, including one for a vulnerability addressed in February this year.Initially detailed in September 2018, the EK was designed for the distribution of the Purple Fox Trojan/Rootkit. Previously, the Trojan was being disseminated through the RIG EK, but its operators w

Hackers continue to exploit the recently patched BIG-IP security flaw and they have plenty of potential targets as researchers have identified thousands of vulnerable systems.The vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC) is tracked as CVE-2020-5902 and it was disclosed last week by the vendor and Positive Technologies,

Security company Proofpoint has identified two new exploits coded into Purple Fox, an exploit kit that has evolved dramatically in the last year. The updates show that cyber-criminals are continuing to invest in infection tools to help get their malware onto victims' systems even though exploit kits are declining as an attack technique, the company said.

Hackers have already started exploiting a recently patched vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC).F5 informed customers last week that a BIG-IP configuration utility named Traffic Management User Interface (TMUI) is impacted by a critical remote code execution vulnerability whose exploitation can result in “complete

Attackers are already attempting to exploit the recently fixed bug in F5 Networks BIG-IP product, security experts warn. A few days after the disclosure of the vulnerability in the F5 Networks BIG-IP product. F5 Networks has recently addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages

U.S. Cyber Command believes foreign APTs will likely attempt to exploit the recently addressed flaw in Palo Alto Networks’s PAN-OS firewall OS. Recently Palo Alto Network addressed a critical vulnerability, tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated n

Palo Alto Networks revealed on Monday that it has patched a critical authentication bypass vulnerability in its PAN-OS firewall operating system, and U.S. Cyber Command believes foreign APTs will likely attempt to exploit it soon.The vulnerability, tracked as CVE-2020-2021 with a CVSS score of 10, affects PAN-OS 8.0, 8.1, 9.0 and 9.1, and it has been patched

ESET is the latest security company to notice a sharp spike in RDP-based hacks over the last few months. The anti-malware company spotted a rise in the number of brute-force attacks using the remote access protocol, and said that cyber-criminals have been using it to distribute ransomware.The Remote Desktop Protocol is a proprietary Microsoft protocol that a

A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. A new botnet tracked as Lucifer appeared in the threat landscape, it leverages a dozen exploits for high and critical severity flaws affecting Windows systems. Upon infecting a system the bot turns it into a cryptomining clie

New malware called “Lucifer” came with numerous exploits for conducting cryptomining functionality and performing distributed denial-of-service (DDoS) attacks on infected Windows machines.Palo Alto Networks’ Unit 42 research team identified two versions of Lucifer in their research. (Both variants bore the name “Satan DDoS,” but

Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just a plugin for a web browser, meaning

Posted by Brandon Azad, Project ZeroI recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.This post summarizes original iOS kernel exploits from local app context targeting iOS 10 thr