UPDATE 9/27, 11:00am: Updated for the misconception that the bootrom was actually being modified. Apparently, the “permanent” only refers to the…
Tag: exploits
The Hidden Bee infection chain, part 1: the stegano pack
About a year ago, we described the Hidden Bee miner delivered by the Underminer Exploit Kit. Hidden Bee has a complex…
Exploit kits: summer 2019 review
In the months since our last spring review, there has been some interesting activity from several exploit kits. While the playing…
Hidden Bee: Let’s go down the rabbit hole
Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well…
Electrum Bitcoin wallets under siege
By Adam Thomas and Jérôme Segura, with additional contributions from Vasilios Hioueras and S!Ri. Since at least late December 2018, many…
Google Chrome zero-day: Now is the time to update and restart your browser
Update (2019-03-21): A proof of concept for CVE-2019-5786 was published by Exodus Intel. In our earlier post we exercised caution before…
A week in security (February 25 – March 3)
Last week, we delved into the realm of K-12 schools and security, explored the world of compromised websites and Golang bruteforcers,…
New ‘Under the Radar’ report examines modern threats and future technologies
As if you haven’t heard it enough from us, the threat landscape is changing. It’s always changing, and usually not for…
Exploit kits: fall 2018 review
Exploit kit (EK) activity continues to surprise us as the weather cools, the leaves change, and we move into the fall of…
Simple Authentication and Security Layer (SASL) vulnerabilities
Simple Authentication and Security Layer (SASL) is an authentication layer used in Internet protocols. SASL is not a protocol, but rather…