One of our clients has reported unusual behavior while using this extension to track / develop a website and the associated webapp.
Seems like the extension has been modified to inject tracking [that’s the least we found out from our quick investigation]. A part of the code used can be found here:
https://gist.github.com/mala/e87973df5029d96c9269d9431fcef5cb
We recommend anyone using this extension to uninstall it and carefully investigate.
Our RTT solution helps companies retaliate if attacked by vulnerable / infected IoT devices. Still in Beta, but you can get a glimpse of it at any time. Just e-mail us at office@evosec.eu for more details.
The latest cumulative update for Windows 10, KB3189866 won’t install properly when Windows Update is being used
We don’t agree at all that paying the ransom is a good approach for businesses – that will just fuel up the snowball of ransomware. And we have (some) solutions.
We’ll check your server, your DNS records configuration, if your IP/server is blacklisted somehow (and, most importantly, why) and we’ll issue a report or chat with your IT department/support. After that, we can fix all the problems for you or show your IT department/service how to do it.
During August 2016, we came across several devices that were infected with a new malware that we couldn’t identify – for now. It resides in a read-write partition of some CCTV devices (most partitions on these devices are read-only), in a folder called .anime under the name .kami. It seems the attack used hard-coded telnet credentials and then downloaded the now-unknown malware(or maybe created the file via “echo” commands).
We failed to identify it, since it’s truncated – the final file seems to be bigger than the partition it was created on (mounted as /mnt/mtd).
.kami: ERROR: ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linkederror reading (Invalid argument)
The MD5 of it:
cdd887f2112b3d87b96154ca492368a8 .kami
For now, all we can recommend is to move devices from DMZ to proper port-forwarding and, where needed, install a router as a firewall in front of them.
Automated delivery of content ideas to your e-mail, based on what your visitors used as search keywords.
One of our clients asked us if we could provide a solution to automate data backup (logs, DB files, documents etc) only via RDP.
BITDEFENDER has released a report about 4 well-known IoT devices (a WeMo Switch, a Lifx Bulb, a LinkHub and a MUZO Cobblestone Wi-Fi Audio). The findings shouldn’t be new to anyone, but are quite interesting.
The full report can be found here:
