web analytics

Ensiko: A Webshell With Ransomware Capabilities

By Aliakbar Zahravi  Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine. It can also execute shell… Continue reading Ensiko: A Webshell With Ransomware Capabilities

Updates on ThiefQuest, the Quickly-Evolving macOS Malware

By Steven Du, Gabrielle Mabutas, and Luis Magisa Right as July of this year began, we noticed an emerging malware dubbed by most as ThiefQuest (also known as EvilQuest), a threat that targets macOS devices, encrypts files, and installs keyloggers in affected systems.  It has been found in pirated versions of macOS shared on popular… Continue reading Updates on ThiefQuest, the Quickly-Evolving macOS Malware

Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws

There has been a common vulnerabilities and exposures (CVE) fixing trend in 2020 Patch Tuesdays. For instance, Microsoft has patched roughly more than 100 vulnerabilities per month in recent bulletins. Similarly, the July update issues 123 patches, including fixes in RemoteFX vGPU, Microsoft Office, Microsoft Windows, OneDrive, and Jet Database Engine. The patches address 18… Continue reading Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws

New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

By Augusto Remillano II and Jemimah Molina We discovered a new Mirai variant (detected as  IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers which we have not observed exploited by past Mirai variants. This discovery is a new addition to the Mirai variants that appeared in the past… Continue reading New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173