Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/867c6b432ccd4aa51adc5e2722a4b144.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Wollf.h
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware runs with SYSTEM integrity and listens on TCP
port 7614. Third-party adversaries who can reach an infected host can
run commands made available…

Read More

Backdoor.Win32.Delf.ps / Information Disclosure

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/cf3c08afa6c2d49ba36ed0f895893d71.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Delf.ps
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 80. Third-party adversaries
who can reach an infected host can generate and download screenshots of the
systems desktop.
Family: Delf
Type:…

Read More

Backdoor.Win32.Jokerdoor / Weak Hardcoded Credentials

Read Time:18 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/a6437375fff871dff97dc91c8fd6259f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Weak Hardcoded Credentials
Family: Jokerdoor
Type: PE32
MD5: a6437375fff871dff97dc91c8fd6259f
Vuln ID: MVID-2022-0531
Dropped files: Random name “awup.exe”
Disclosure: 04/02/2022
Description: The…

Read More

Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/867c6b432ccd4aa51adc5e2722a4b144.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Wollf.h
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware runs with SYSTEM integrity and listens on TCP port
7614. Third-party adversaries who can reach an infected host can run
commands made available…

Read More

Multiple Vulnerabilities in Reprise License Manager 14.2

Read Time:12 Second

Posted by Gionathan Reale via Fulldisclosure on Apr 07

Multiple Vulnerabilities in Reprise License Manager 14.2

Credit: Giulia Melotti Garibaldi

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

# Product:  RLM 14.2
# Vendor:   Reprise Software
# CVE ID:   CVE-2022-28363
# Vulnerability Title: Reflected Cross-Site Scripting
# Severity: Medium
#…

Read More

8 Ways to Know If Online Stores Are Safe and Legit

Read Time:5 Minute, 4 Second

The explosion of e-commerce sites has changed how we shop today, providing access to millions of online stores with almost unlimited selections.  

Just as you would take basic precautions in a brick-and-mortar store — perhaps hiding your PIN number while paying and making sure the business is legitimate — you should also practice safe shopping habits online. 

Here are eight ways you can avoid fake websites and other online scams and ensure that you’re dealing with legitimate companies and safe online stores. 

Use the free McAfee WebAdvisor to check for safe sites

One of the best ways to tell if an online store is legit and avoid debit and credit card scams, domain name and subdomain name takeovers, and other problems is with a free and effective download like McAfee WebAdvisor. 

This smart tool helps you surf and shop with confidence, protecting you from malicious sites that can contain:  

Adware: Pop-ups that might be infected with malware 
Spyware: Software downloaded without the user’s consent, perhaps passing on sensitive personal information to advertisers or cybercriminals. 
Viruses: Pieces of code that can copy themselves and typically have a negative effect, such as slowing down your system or destroying data 
Phishing scams: When hackers send duplicitous emails designed to trick people into falling for a scam to reveal financial information, system credentials, or other sensitive data 

McAfee WebAdvisor is a free browser extension that downloads quickly and installs easily, working in the background automatically to protect you from malware and phishing as you surf, search, and enjoy online shopping. 

McAfee WebAdvisor works with Windows 10, 8.1, 8, and 7 (32- and 64-bit) computers and is compatible with these browsers: 

Internet Explorer 10.0 or later 
Microsoft Edge (Chromium-based) 
Microsoft Edge (Windows 10 only; Fall Creators Update required) 
Mozilla Firefox 
Google Chrome 

Here are other ways to make sure you know when you’re dealing with scammers online.  

Check the padlock in the address bar

When checking an e-commerce site’s credentials, start with the address bar. Often, hackers will use URLs that are very close to the real site’s URL but not quite the same. Look for typos or use Google to see if a search takes you to the same page. Also, look for a padlock icon in the address bar. 

Click the padlock and look at the drop-down menu that provides information, such as if the site has a valid certificate like SSL (verifying that the web address belongs to the company), how many cookies are in use, other site settings, and whether your information is safe when sent to this site. 

The protection is pretty good but not perfect since some cybercriminals have been able to replicate these padlocks or take over legitimate sites that have them. 

Verify the website’s trust seal

Trust seals, such as the TrustedSite certification, are stamps created by a certificate authority (CA) to confirm the legitimacy of a site. A trust seal tells visitors that they are on a safe site and the company that displays the mark prioritizes cybersecurity. Click on it, and you should be taken to a webpage that verifies the authenticity of the trust seal. 

Use the Google Transparency Report

Google’s Safe Browsing technology crawls through billions of web addresses every day on the lookout for unsafe websites. The technology discovers thousands daily — often legitimate sites that have been compromised. Warnings for unsafe sites pop up in your browser and on the Google search engine. You can also search specific URLs to see if a site has been compromised.  

Check the company’s social media presence

It’s worth checking a company on social media to see if they appear to have a genuine following and legitimate posts. The Better Business Bureau (BBB) also has suggestions for spotting fake social media accounts, including those on LinkedIn, Facebook, Twitter, and Instagram. You should look for: 

Accounts with poor or no content and stock or recycled images 
Poor engagement with followers 
Lack of transparency about who runs the account 
Phony reviews 
Links to phishing scams and malware 

Review the company’s contact info

Another way to test the legitimacy of an online retail store is to check its contact information. Does it have a physical address, phone number, and email contact? Does the email address on the contact page have the company domain name in it, or is it generic (like a Gmail address)? If you send an email, does it get delivered? 

Analyze the overall look of the website

Check to see if the e-commerce site looks as if it has been professionally produced or whether it has been thrown together with slapdash results. Are there typos, grammar errors, poor-quality images, and a sloppy design? Does it have a poorly worded return policy or no return policy at all?  

All the things that undermine the professional appearance and authenticity of a site should be red flags and convince you that you’re on a scam website 

Verify if there are company reviews

If the online company is a legitimate website (not a scam site) and has been around for a while, there should be authentic third-party reviews from previous customers. Review sites include Google My Business, Amazon, and Yelp. 

If the reviews are uniformly bad, on the other hand, you have another type of problem to confront. 

See how McAfee WebAdvisor can keep you safe while shopping online

Since virtual shopping is fast becoming the new norm, it’s important to guard against cybercriminals that are increasingly targeting retailers and their customers. A great way to shop with confidence is to use McAfee WebAdvisor, which is available as a free download. 

The web browser extension works tirelessly in the background to protect you as you browse and buy. Think of it as a gift to yourself so you can use the internet to its full potential while keeping your information protected. 

The post 8 Ways to Know If Online Stores Are Safe and Legit appeared first on McAfee Blog.

Read More

xen-4.16.0-6.fc36

Read Time:21 Second

FEDORA-2022-fca60937b8

Packages in this update:

xen-4.16.0-6.fc36

Update description:

Racy interactions between dirty vram tracking and paging log dirty
hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]

Read More

What is spear phishing? Examples, tactics, and techniques

Read Time:33 Second

Spear phishing definition

Spear phishing is a targeted email attack purporting to be from a trusted sender.

In spear phishing attacks, attackers often use information gleaned from research to put the recipient at ease. The ultimate aim is to either infect devices with malware by convincing the recipient to click a link or download an attachment, or to trick the recipient into taking some other action that will benefit the attacker, usually handing over information or money.

Spear phishing messages are often crafted with care using pernicious social engineering techniques and are difficult to defend against with mere technical means.

To read this article in full, please click here

Read More