Monthly Archives: March 2022

Advisories

Backdoor.Win32.BirdSpy.b / Weak Hardcoded Credentials

Read Time:19 Second

Posted by malvuln on Mar 25

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/eba3dd81723ddf33621fd85ded577920.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.BirdSpy.b
Vulnerability: Weak Hardcoded Credentials
Family: BirdSpy
Type: PE32
MD5: eba3dd81723ddf33621fd85ded577920
Vuln ID: MVID-2022-0523
Dropped files: WinSock.exe
Disclosure: 03/21/2022
Description: The malware listens on TCP…

Read More

Advisories

Backdoor.Win32.Agent.bxxn / Open Proxy

Read Time:21 Second

Posted by malvuln on Mar 25

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/dcbc237f21839a6514c8321d5fa631a4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.bxxn
Vulnerability: Open Proxy
Description: The malware listens on TCP port 1080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the destination and then back to…

Read More

News

Man-in-the-middle (MitM) attack definition and examples

Read Time:34 Second

What is a man-in-the-middle-attack?

A man-in-the-middle (MitM) attack is a type of cyberattack in which communications between two parties is intercepted, often to steal login credentials or personal information, spy on victims, sabotage communications, or corrupt data.

“MitM attacks are attacks where the attacker is actually sitting between the victim and a legitimate host the victim is trying to connect to,” says Johannes Ullrich, dean of research at SANS Technology Institute. “So, they’re either passively listening in on the connection or they’re actually intercepting the connection, terminating it and setting up a new connection to the destination.”

To read this article in full, please click here

Read More