dcsimg

LoJack for computers used to attack European government bodies

Security researchers have detected the first known instance of a UEFI bootkit being used in targeted campaigns against government entities across Central and Eastern Europe. The attack focuses on UFEI-enabled computers and relies on a persistence mechanism that has been stolen from a legitimate, but often questioned, software called Computrace that comes by default on many computer systems. This … [Read more...]

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

This blog post was authored by @hasherezade and Jérôme Segura. We recently detected a drive-by a download attempt trying to exploit CVE-2018-4878, a vulnerability in Flash Player, in a sequence that was not matching any of the exploit kit patterns that we currently track. Upon investigation, we discovered something that was new to us, but is part of an existing exploitation framework discovered in … [Read more...]