Forwarded from TechToday News
#Security #Malware #report #Reverse_Engineering
Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown.
http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/
The Judy Malware: Possibly the largest malware campaign found on Google Play
Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown.
http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/
Check Point Software
The Judy Malware: Possibly the largest malware campaign found on Google Play - Check Point Software
Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an
Forwarded from TechToday News
#Vulnerability #Windows #Reverse_Engineering #Article #Malware
How a Microsoft icon-display bug in Windows allows attackers to masquerade PE files with special icons
An icon-display bug in Windows allows attackers to masquerade PE files with special icons by automatically “borrowing” other commonly used icons from the local machine, thus tricking users into clicking them. The bug behind this vulnerability lies deep inside the image-handling code of Windows. The bug has been present since at least Windows 7 and is still present in the most updated versions of Windows 10.
We discovered the bug while researching a recent batch of malicious PE files. After copying files from one directory to another, we noticed an odd behavior: some of the files’ icons changed. To rule out the possibility of a mistake (or a simple lack of caffeine), we copied the files to a different directory and again the icons of these files changed to a different commonly-used and completely unrelated icon. This piqued our interest and prompted an investigation into this strange phenomenon.
https://www.cybereason.com/labs-a-zebra-in-sheeps-clothing-how-a-microsoft-icon-display-bug-in-windows-allows-attackers-to-masquerade-pe-files-with-special-icons/
How a Microsoft icon-display bug in Windows allows attackers to masquerade PE files with special icons
An icon-display bug in Windows allows attackers to masquerade PE files with special icons by automatically “borrowing” other commonly used icons from the local machine, thus tricking users into clicking them. The bug behind this vulnerability lies deep inside the image-handling code of Windows. The bug has been present since at least Windows 7 and is still present in the most updated versions of Windows 10.
We discovered the bug while researching a recent batch of malicious PE files. After copying files from one directory to another, we noticed an odd behavior: some of the files’ icons changed. To rule out the possibility of a mistake (or a simple lack of caffeine), we copied the files to a different directory and again the icons of these files changed to a different commonly-used and completely unrelated icon. This piqued our interest and prompted an investigation into this strange phenomenon.
https://www.cybereason.com/labs-a-zebra-in-sheeps-clothing-how-a-microsoft-icon-display-bug-in-windows-allows-attackers-to-masquerade-pe-files-with-special-icons/
Forwarded from Заметки Хакер
🖥 Репозиторий: Go-reverse — это обратный прокси-сервер, который поддерживает Docker
Go-reverse включает в себя веб-интерфейс для управления и настройки, автоматическое управление SSL-сертификатами, поддержку многозадачной конфигурации, возможность горячей перезагрузки при изменениях в контейнерах или конфигурациях, а также функцию остановки неактивных контейнеров и их автоматического запуска при поступлении трафика.
— Этот инструмент поддерживает HTTP(s) проксирование, перенаправление TCP/UDP портов, пользовательские страницы ошибок и middleware для HTTP.
⏺ Ссылка на Github (https://github.com/yusing/go-proxy)
#Go #Reverse #Proxy #Docker #Network
@hackernews_lib
Go-reverse включает в себя веб-интерфейс для управления и настройки, автоматическое управление SSL-сертификатами, поддержку многозадачной конфигурации, возможность горячей перезагрузки при изменениях в контейнерах или конфигурациях, а также функцию остановки неактивных контейнеров и их автоматического запуска при поступлении трафика.
— Этот инструмент поддерживает HTTP(s) проксирование, перенаправление TCP/UDP портов, пользовательские страницы ошибок и middleware для HTTP.
⏺ Ссылка на Github (https://github.com/yusing/go-proxy)
#Go #Reverse #Proxy #Docker #Network
@hackernews_lib
Forwarded from Заметки Хакер
🖥 Репозиторий: Awesome Hacking Resources — подборка материалов по взлому и тестированию на проникновение.
Awesome Hacking Resources — это тщательно составленный перечень инструментов, ресурсов и справочных материалов для любителей и специалистов в области кибербезопасности.
— В этом репозитории собраны ссылки на разнообразные темы, связанные с взломом, включая тестирование на проникновение, обратный инжиниринг, криптографию и многое другое.
⏺ Ссылка на GitHub (https://github.com/vitalysim/Awesome-Hacking-Resources)
#GitHub #Awesome #Hacking #Penest #Reverse #Cryptography
@hackernews_lib
Awesome Hacking Resources — это тщательно составленный перечень инструментов, ресурсов и справочных материалов для любителей и специалистов в области кибербезопасности.
— В этом репозитории собраны ссылки на разнообразные темы, связанные с взломом, включая тестирование на проникновение, обратный инжиниринг, криптографию и многое другое.
⏺ Ссылка на GitHub (https://github.com/vitalysim/Awesome-Hacking-Resources)
#GitHub #Awesome #Hacking #Penest #Reverse #Cryptography
@hackernews_lib