Advisory ID: NCC-CSIRT-0901-002
Summary: Cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre) discovered NetSupport RAT malware being distributed by threat actors from a phishing website disguised as a popular Pokemon card game. The malware serves as a remote access tool that easily takes control over victims' PCs (Personal Computers). Moreover, the malware may allow the attackers to remotely control the compromised computer’s mouse and keyboard, access the system’s file management and history, and even execute commands allowing them to install additional malware.
Vulnerable Platform(s): Windows Operating System
Read more: Hackers Employ Fake Card Game to Take Over Windows PCs
Advisory ID: NCC-CSIRT-0401-001
Summary: Multiple vulnerabilities were identified in the Debian Linux kernel.
Read more: Multiple Security Vulnerabilities in Linux Kernel
Advisory ID: NCC-CSIRT-1228-064
Summary: The PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco Internetworking Operating System (IOS) Software has a vulnerability in its implementation. An unauthenticated, remote attacker can exploit the vulnerability to force a reload on a vulnerable device, launching a denial of service (DoS) attack.
Vulnerable Platform(s): Cisco Internetworking Operating System (IOS)
Advisory ID: NCC-CSIRT-0812-062
Summary: Researchers from the mobile security firm Zimperium have found several apps that transmit malware known as "Schoolyard Bully" while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study. The malicious apps were available on Google Play but have since been taken down. However, they still spread via third-party Android app shops. The malware infected over 300,000 Android devices, and its primary objective is to steal Facebook account information, including the email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
Vulnerable Platform(s): Facebook Social Media Platform
Advisory ID: NCC-CSIRT-0612-061
Summary: Martin Smolar, an ESET security researcher, uncovered a vulnerability in Acer laptop computers affecting Secure Boot, an integrity mechanism that ensures only trusted software is loaded during system start-up. This gives the attacker total control over how the operating system loads and gives them the power to deactivate or bypass security measures to secretly install malware with system privileges.
Vulnerable Platform(s): Operating Systems
- Hackers Exploit Discoverability by phone number/email restriction bypass Vulnerability to Steal Users' Data on Twitter
- A Malicious Android SMS Application Hijacks Victims' Devices Using an SMS Relay
- New Phishing Attacks Exploit Windows Zero-Day Vulnerability to Drop Qbot Malware
- Todo: Day Manager Installs Banking Trojan Malware (Xenomorph) That Steals Banking Login Details