Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion.
The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications.
“Wpeeper is a typical backdoor Trojan for Android
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-01 14:06:532024-05-01 14:06:53Adobe Adds Firefly and AI Watermarking to Bug Bounty Program
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-01 14:06:522024-05-01 14:06:52The Cybersecurity Checklist That Could Save Your M&A Deal
Venafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google’s proposed 90-day limit for the lifecycle of a digital certificate.
Blockchain analysis firm Elliptic, MIT, and IBM, have released a new AI detection model—and the 200-million-transaction dataset it’s trained on—that aims to spot the “shape” of Bitcoin money laundering.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-01 13:06:312024-05-01 13:06:31A Vast New Dataset Could Supercharge the AI Hunt for Crypto Money Laundering
Are virtual private networks legal to use? Discover if VPNs are legal, restricted or banned in your geolocation and what activities are legal vs. illegal when using a VPN.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-01 12:08:522024-05-01 12:08:52CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen
The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed.
“The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” Zscaler ThreatLabz researcher Santiago
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-01 11:07:042024-05-01 11:07:04ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
/in General NewsCybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion.
The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications.
“Wpeeper is a typical backdoor Trojan for Android
The Hacker News – Read More
Adobe Adds Firefly and AI Watermarking to Bug Bounty Program
/in General NewsResearchers can earn up to $10,000 for critical vulnerabilities in the generative AI products.
Security | TechRepublic – Read More
The Cybersecurity Checklist That Could Save Your M&A Deal
/in General NewsWith mergers and acquisitions making a comeback, organizations need to be sure they safeguard their digital assets before, during, and after.
darkreading – Read More
Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle
/in General NewsVenafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google’s proposed 90-day limit for the lifecycle of a digital certificate.
The post Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle appeared first on SecurityWeek.
SecurityWeek – Read More
A Vast New Dataset Could Supercharge the AI Hunt for Crypto Money Laundering
/in General NewsBlockchain analysis firm Elliptic, MIT, and IBM, have released a new AI detection model—and the 200-million-transaction dataset it’s trained on—that aims to spot the “shape” of Bitcoin money laundering.
Security Latest – Read More
Are VPNs Legal To Use?
/in General NewsAre virtual private networks legal to use? Discover if VPNs are legal, restricted or banned in your geolocation and what activities are legal vs. illegal when using a VPN.
Security | TechRepublic – Read More
CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen
/in General NewsSecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
The post CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen appeared first on SecurityWeek.
SecurityWeek – Read More
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
/in General NewsThe new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.
The post Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server appeared first on SecurityWeek.
SecurityWeek – Read More
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
/in General NewsThe authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed.
“The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” Zscaler ThreatLabz researcher Santiago
The Hacker News – Read More
TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Glossaries for Download
/in General NewsTechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Security | TechRepublic – Read More