Merge pull request #271 from Delta-Sierra/master

Several updates
This commit is contained in:
Alexandre Dulaunoy 2018-10-01 21:51:11 +02:00 committed by GitHub
commit 63b777fc9e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 49 additions and 3 deletions

View file

@ -677,7 +677,8 @@
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/hide-and-seek-becomes-first-iot-botnet-capable-of-surviving-device-reboots/",
"https://www.bleepingcomputer.com/news/security/new-hns-iot-botnet-has-already-amassed-14k-bots/"
"https://www.bleepingcomputer.com/news/security/new-hns-iot-botnet-has-already-amassed-14k-bots/",
"https://www.bleepingcomputer.com/news/security/hide-and-seek-botnet-adds-infection-vector-for-android-devices/"
],
"synonyms": [
"HNS",
@ -847,6 +848,9 @@
"refs": [
"https://researchcenter.paloaltonetworks.com/2018/09/unit42-multi-exploit-iotlinux-botnets-mirai-gafgyt-target-apache-struts-sonicwall/",
"https://www.symantec.com/security-center/writeup/2014-100222-5658-99"
],
"synonyms": [
"Bashlite"
]
},
"uuid": "40795af6-b721-11e8-9fcb-570c0b384135"

View file

@ -9608,7 +9608,8 @@
"https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-being-distributed-via-malspam-disguised-as-receipts/",
"https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-version-2-released-with-new-crab-extension-and-other-changes/",
"https://www.bleepingcomputer.com/news/security/gandcrab-version-3-released-with-autorun-feature-and-desktop-background/",
"https://www.bleepingcomputer.com/news/security/new-fallout-exploit-kit-drops-gandcrab-ransomware-or-redirects-to-pups/"
"https://www.bleepingcomputer.com/news/security/new-fallout-exploit-kit-drops-gandcrab-ransomware-or-redirects-to-pups/",
"https://www.bleepingcomputer.com/news/security/gandcrab-v5-ransomware-utilizing-the-alpc-task-scheduler-exploit/"
]
},
"related": [

View file

@ -5880,7 +5880,28 @@
]
},
"uuid": "6c79bd1a-bfde-11e8-8c33-db4d9968671a"
},
{
"value": "MageCart",
"description": "Digital threat management company RiskIQ tracks the activity of MageCart group and reported their use of web-based card skimmers since 2016.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/british-airways-fell-victim-to-card-scraping-attack/",
"https://www.bleepingcomputer.com/news/security/feedify-hacked-with-magecart-information-stealing-script/"
]
},
"uuid": "0768fd50-c547-11e8-9aa5-776183769eab"
},
{
"value": "Domestic Kitten",
"description": "An extensive surveillance operation targets specific groups of individuals with malicious mobile apps that collect sensitive information on the device along with surrounding voice recordings. Researchers with CheckPoint discovered the attack and named it Domestic Kitten. The targets are Kurdish and Turkish natives, and ISIS supporters, all Iranian citizens.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/domestic-kitten-apt-operates-in-silence-since-2016/"
]
},
"uuid": "dda1b28e-c558-11e8-8666-27cf61d1d7ee"
}
],
"version": 66
"version": 67
}

View file

@ -5829,6 +5829,26 @@
]
},
"uuid": "https://www.bleepingcomputer.com/news/security/apt28-uses-lojax-first-uefi-rootkit-seen-in-the-wild/"
},
{
"value": "Chainshot",
"description": "The new piece of malware, which received the name Chainshot, is used in the early stages of an attack to activate a downloader for the final payload in a malicious chain reaction.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/new-chainshot-malware-found-by-cracking-512-bit-rsa-key/"
]
},
"uuid": "a032460e-c54c-11e8-9965-43b7b6469a65"
},
{
"value": "CroniX",
"description": "The researchers named this campaign CroniX, a moniker that derives from the malware's use of Cron to achieve persistence and Xhide to launch executables with fake process names. The cryptocurrency minted on victim's computers is Monero (XMR), the coin of choice in cryptojacking activities. To make sure that rival activity does not revive, CroniX deletes the binaries of other cryptominers present on the system. Another action CroniX takes to establish supremacy on the machine is to check the names of the processes and kill those that swallow 60% of the CPU or more.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/cronix-cryptominer-kills-rivals-to-reign-supreme/"
]
},
"uuid": "55d29d1c-c550-11e8-9904-47c1d86af7c5"
}
],
"version": 89