Palo Alto Networks

MARCH 13, 2020

Although the malware was a never-before-seen mutation of the Qbot virus, our Behavioral Threat Protection (BTP) engine caught it. Fortunately, the Cortex XDR endpoint agent killed the malware as soon as the executable attempted to run. In case of shares protected by weak passwords, it will attempt brute-forcing via a dictionary attack.

Artificial Inteligence 84

Artificial Inteligence Malware Artificial Intelligence Network 84

Tenable

MAY 17, 2019

Tenable Researcher David Wells discovered a vulnerability in Slack Desktop for Windows that could have allowed an attacker to alter where files downloaded within Slack are stored. for Windows. We cannot confirm how many of those are Windows App users. Confirm that your Slack for Windows is updated to version 3.4.0.

Windows 42

Windows SMB Authentication Malware 42

Tenable

JULY 13, 2021

Microsoft Windows Codecs Library. Microsoft Windows DNS. Microsoft Windows Media Foundation. Windows Active Directory. Windows Address Book. Windows AF_UNIX Socket Provider. Windows AppContainer. Windows AppContainer. Windows AppX Deployment Extensions. Windows Authenticode.

Windows 53

Windows Software Review Malware SMB 53

Infinidat

FEBRUARY 26, 2019

InfiniBox Update Addresses Customers’ Need for SMB Protocol Support, Malware Protection, and Improved Performance WALTHAM, Mass. February 26, 2019 – INFINIDAT, the market’s leading independent provider of enterprise-class data storage solutions, today announced enhancements of its InfiniBox® software.

SMB 40

SMB Malware Data Storage 40

Tenable

MARCH 10, 2021

Some are known to exploit vulnerabilities while others will utilize phishing/email compromise to establish an initial foothold before dropping malware or leveraging a vulnerability to gain further access to the victim's systems to deploy the ransomware. 117% increase in IP reputation security alerts. 56% increase in endpoint security.

Healthcare 94

Healthcare Research Systems Review Analysis 94

Tenable

AUGUST 19, 2022

Vulnerabilities associated with 2021’s top malware. Right after the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) outlined the top malware of 2021, Tenable’s Security Response Team identified vulnerabilities associated with these malicious strains. CVE-2016-0189. CVE-2016-4171.

IoT 52

IoT Malware Windows Guidelines 52

AlienVault

OCTOBER 29, 2018

In addition, take care with this portion of the malware. Malware Analysis. During the execution of sogou.exe, the following exploits are used to install on new victims’ PCs: CVE-2017-9073, RDP vulnerability on Windows XP and Windows Server 2003. CVE-2017-0143, SMB exploit. CVE-2017-0146, SMB exploit.

Malware 40

Malware Windows IPv6 Analysis 40

AlienVault

SEPTEMBER 24, 2018

2018 seems to be a time for highly profitable cryptominers that spread over SMB file-shares. Following my analysis on ZombieBoy in July, I found a new malware sample that I’m calling MadoMiner. However, MadoMiner is much, much, larger, in terms of: The size of the malware; The amount of systems infected; and. Installation.

Malware 40

Malware SMB .Net Architecture 40

AlienVault

JULY 18, 2018

Continuing the 2018 trend of cryptomining malware, I’ve found another family of mining malware similar to the “massminer” discovered in early May. ZombieBoy makes use of several exploits during execution: CVE-2017-9073, RDP vulnerability on Windows XP and Windows Server 2003. CVE-2017-0143, SMB exploit.

Malware 40

Malware SMB Analysis System 40