CFR-4EAB, CFR-8EAB, CFR-16EAB Security Vulnerabilities

Threat Outbreak Alert RuleID31926: Email Messages Distributing Malicious Software on February 6, 2018

Medium Alert ID: 56687 First Published: 2018 February 6 17:23 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID31926) may contain the following...

Threat Outbreak Alert RuleID30623: Email Messages Distributing Malicious Software on September 18, 2017

Medium Alert ID: 55310 First Published: 2017 September 18 17:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID30623) may contain the following...

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java...

Threat Outbreak Alert RuleID30202: Email Messages Distributing Malicious Software on August 15, 2017

Medium Alert ID: 54847 First Published: 2017 August 15 15:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID30202) may contain the following...

Threat Outbreak Alert RuleID30185: Email Messages Distributing Malicious Software on August 14, 2017

Medium Alert ID: 54836 First Published: 2017 August 14 15:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID30185) may contain the following...

Threat Outbreak Alert RuleID29927: Email Messages Distributing Malicious Software on July 31, 2017

Medium Alert ID: 54628 First Published: 2017 July 31 15:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29927) may contain the following...

Threat Outbreak Alert RuleID29821: Email Messages Distributing Malicious Software on July 13, 2017

Medium Alert ID: 54489 First Published: 2017 July 13 18:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29821) may contain the following...

Threat Outbreak Alert RuleID29662: Email Messages Distributing Malicious Software on July 4, 2017

Medium Alert ID: 54413 First Published: 2017 July 5 15:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29662) may contain the following...

Threat Outbreak Alert RuleID29448: Email Messages Distributing Malicious Software on June 9, 2017

Medium Alert ID: 54162 First Published: 2017 June 9 14:26 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29448) may contain the following...

Threat Outbreak Alert RuleID29109: Email Messages Distributing Malicious Software on May 12, 2017

Medium Alert ID: 53823 First Published: 2017 May 12 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29109) may contain the following...

Threat Outbreak Alert RuleID29018: Email Messages Distributing Malicious Software on May 4, 2017

Medium Alert ID: 53715 First Published: 2017 May 4 19:01 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29018) may contain the following files: ...

Threat Outbreak Alert RuleID29006: Email Messages Distributing Malicious Software on May 4, 2017

Medium Alert ID: 53711 First Published: 2017 May 4 14:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29006) may contain the following files: ...

Threat Outbreak Alert RuleID27565: Email Messages Distributing Malicious Software on January 31, 2017

Medium Alert ID: 52492 First Published: 2017 January 31 16:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID27565) may contain the following...

Threat Outbreak Alert RuleID24019: Email Messages Distributing Malicious Software on July 29, 2016

Medium Alert ID: 48295 First Published: 2016 July 29 16:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID24019) may contain the following...

Threat Outbreak Alert RuleID23776: Email Messages Distributing Malicious Software on July 8, 2016

Medium Alert ID: 47027 First Published: 2016 July 8 13:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID23776) may contain the following...

Threat Outbreak Alert RuleID23598: Email Messages Distributing Malicious Software on June 24, 2016

Medium Alert ID: 46847 First Published: 2016 June 24 21:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID23598) may contain the following...

Threat Outbreak Alert RuleID22087: Email Messages Distributing Malicious Software on April 5, 2016

Medium Alert ID: 44496 First Published: 2016 April 6 13:54 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID22087) may contain the following...

Threat Outbreak Alert RuleID19519: Email Messages Distributing Malicious Software on November 20, 2015

Medium Alert ID: 42192 First Published: 2015 November 20 15:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID19519) may contain the following...

MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and...

Threat Outbreak Alert RuleID18299: Email Messages Distributing Malicious Software on October 3, 2015

Medium Alert ID: 41385 First Published: 2015 October 5 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID18299) may contain the following...

Threat Outbreak Alert RuleID17289: Email Messages Distributing Malicious Software on August 23, 2015

Medium Alert ID: 40642 First Published: 2015 August 24 14:32 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID17289) may contain the following...

Threat Outbreak Alert RuleID17277: Email Messages Distributing Malicious Software on August 11, 2015

Medium Alert ID: 40403 First Published: 2015 August 11 16:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID17277) may contain the following...

Threat Outbreak Alert RuleID17223: Email Messages Distributing Malicious Software on August 10, 2015

Medium Alert ID: 40375 First Published: 2015 August 10 14:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID17223) may contain the following...

Threat Outbreak Alert RuleID17190: Email Messages Distributing Malicious Software on August 6, 2015

Medium Alert ID: 40342 First Published: 2015 August 6 19:55 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID17190) may contain the following...

Threat Outbreak Alert RuleID16774: Email Messages Distributing Malicious Software on July 18, 2015

Medium Alert ID: 40037 First Published: 2015 July 20 13:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID16774) may contain the following...

REMnux v6 - A Linux Toolkit for Reverse-Engineering and Analyzing Malware

REMnux is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be difficult to locate....

Threat Outbreak Alert RuleID14798: Email Messages Distributing Malicious Software on April 21, 2015

Medium Alert ID: 38449 First Published: 2015 April 21 19:25 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID14798) may contain the following...

Security Update for Microsoft Project Server 2013 (KB2965278) farm-deployment

A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that...

Threat Outbreak Alert RuleID10795: Email Messages Distributing Malicious Software on July 25, 2014

Medium Alert ID: 35042 First Published: 2014 July 25 13:55 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10795) may contain the following...

Threat Outbreak Alert RuleID10571: Email Messages Distributing Malicious Software on July 7, 2014

Medium Alert ID: 34861 First Published: 2014 July 7 12:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10571) may contain the following...

Threat Outbreak Alert RuleID10512: Email Messages Distributing Malicious Software on July 3, 2014

Medium Alert ID: 34837 First Published: 2014 July 3 13:24 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10512) may contain the following...

Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents

On March 16th, we discovered a premeditated waterhole campaign that hosts exploits and malware on websites frequented by a specific target group. In this case the target includes Chinese dissidents. For the attacker, this approach is highly attractive since it is very difficult to discover the...

Out-of-Band IE Patch Released as More Sites Attacked

Internet Explorer users, exposed to a zero-day vulnerability in the browser and a faulty temporary Fix It from Microsoft, finally got some relief today when the company, as promised, released an out-of-band patch. Meanwhile, a handful of new telco, manufacturing and human rights sites have been...

Latest Internet Explorer zero-day linked to Elderwood Project

Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible...

Latest Internet Explorer zero-day linked to Elderwood Project

Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible...

Researchers Bypass Microsoft Fix It for IE Zero Day

Expect amped up pressure aimed in Microsoft’s direction for a patch for the Internet Explorer zero day that surfaced last week, now that researchers at Exodus Intelligence reported today they have developed a bypass for the Fix It that Microsoft released as a temporary mitigation. Their new...

IE Zero-Day Watering Hole Attack Expands to Handful of Political Sites

The scope of watering hole attacks utilizing a previously unreported vulnerability in Internet Explorer has widened to as many as four new sites, all of them with politically charged leanings. The attacks further demonstrate the effectiveness of watering hole attacks compared to phishing attacks...

Energy Manufacturer Also Victimized by IE Zero Day in Watering Hole Attack

This week’s watering hole attack exploiting a zero-day vulnerability in Internet Explorer was not limited to the influential Council on Foreign Relations site. A Metasploit contributor said an energy manufacturer’s website has been serving malware related to the attack since September. Researcher.....

CFR watering hole attack also target Capstone Turbine Corporation

Last week Council on Foreign Relations website was compromised and recently hit by a drive-by attack using a zero day Internet Explorer 6 vulnerability for Cyber Espionage attack, suspected by Chinese Hackers. Later Microsoft confirmed that Internet Explorer 6, 7, and 8 are vulnerable to remote...

CFR watering hole attack also target Capstone Turbine Corporation

Last week Council on Foreign Relations website was compromised and recently hit by a drive-by attack using a zero day Internet Explorer 6 vulnerability for Cyber Espionage attack, suspected by Chinese Hackers. Later Microsoft confirmed that Internet Explorer 6, 7, and 8 are vulnerable to remote...

Internet Explorer 6, 7 and 8 vulnerable to remote code execution

Last Friday, we reported that the website of the U.S. Council of Foreign Relations was allegedly compromised by Chinese hackers who exploited the zero-day bug that was only discovered that same day. The CFR website was compromised with JavaScript that served malicious code to older IE browsers and....

Microsoft Responds to IE Zero Day Used in CFR Watering Hole Attack

UPDATE – Microsoft responded this weekend with temporary mitigations and workarounds for a zero-day vulnerability in Internet Explorer exploited in an attack on the Council on Foreign Relations website. IE 6, 7 and 8 are vulnerable to exploits that would enable a remote attacker to execute code on....

Internet Explorer 6, 7 and 8 vulnerable to remote code execution

Last Friday, we reported that the website of the U.S. Council of Foreign Relations was allegedly compromised by Chinese hackers who exploited the zero-day bug that was only discovered that same day. The CFR website was compromised with JavaScript that served malicious code to older IE browsers and....

Council on Foreign Relations Website Hit by Watering Hole Attack, IE Zero-Day Exploit

UPDATE – Another high profile watering hole attack has been discovered, this one targeting visitors to the Council on Foreign Relations website. The CFR is a Washington, D.C.-based think tank that provides foreign policy and foreign affairs resources to government officials, journalists, and...

Chinese Hackers exploiting Internet Explorer Zero Day vulnerability for Cyber Espionage

Web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. Hacker are suspected to be from China , who are exploiting a zero day Internet Explorer vulnerability for Cyber Espionage attack against one of American most...

Chinese Hackers exploiting Internet Explorer Zero Day vulnerability for Cyber Espionage

Web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. Hacker are suspected to be from China , who are exploiting a zero day Internet Explorer vulnerability for Cyber Espionage attack against one of American most...

Market Fail: Regulations May Be Only Hope For Securing Critical Infrastructure

Threatpost’s exclusive interview with Ralph Langner continues, as our conversation shifts from the legacy of the Stuxnet worm to larger issues facing the critical infrastructure sector including mounting attacks, tensions between vendors and security researchers over responsible disclosure, and...

SYSTONÝCfr/portal/ actualites.asp sql injection

SYSTONЭCfr/portal/ actualites.asp sql injection Credit : CodeXpLoder'tq mail : codexploder[at]hotmail[dot]com site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam spec.note : "Live The Life" ///////////////////////////////////////////////////////////////// 1-) ...

Security fix for the ALT Linux 8 package proftpd version 1.3.0rel-alt2

May 16, 2007 Konstantin Lepikhov 1.3.0rel-alt2 - 1.3.0a stable release. - rollback alt-ltdl patch (use alternate variant). - don't delete *.la files (due lt_dlopenext breakage in this case). - remove previous CVE-2006-5815 fixes, use variant from Debian. - change packager. - cleanup obsoleted...

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows AFFECTED SYSTEMS NWAuth module as used by DMail, SurgeFTP, others... (cfr www.netwinsite.com) I've tested SurgeFTP in particular The source code for NWAuth 2.0 can be found at...