Security Bulletins
Latest Malware Updates
Downloader.Busadom!g1 (02/27/2015)
Infostealer.Posteal (02/26/2015)
Downloader.Busadom (02/26/2015)
Trojan.Ladocosm (02/26/2015)
SONAR.SuspDocRun (02/25/2015)
SONAR.SuspHelpRun (02/25/2015)
W32.Tempedreve.D!inf (02/25/2015)
SONAR.PUA!AlnadInsta (02/25/2015)
SONAR.Infostealer!g5 (02/25/2015)
SONAR.Infostealer!g4 (02/25/2015)
01/23/2015
Backdoor.Ratenjay.C
Type: Virus, Trojan
Discovered: 23.01.2015
Updated: 23.01.2015
Affected systems: Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Vista, Windows XP
AV Vendor: Symantec
Description: The Trojan horse may arrive on the compromised computer after being spread through a removable drive.
When the Trojan is executed, it may create the following files:
Note: [INSTALL NAME] may be one of the following values:
Note: [INSTALL PATH] may be one of the following values:
Note: [FILE NAME] may be any file present on the removable drive.
Note: [SUB FOLDER] may be any folder under the root of the removable drive.
The Trojan may create a subfolder with the following name if no subfolder is present:
The Trojan may create the following registry entries:
Note: The Trojan determines which registry entries are created based on the current version of the Trojan.
The Trojan opens a back door, and connects to a remote location.
Note: The remote location is chosen by the attacker and can be an IP address or URL of their choice. The usual ports for the remote location are 1010 and 1991.
The Trojan repeatedly sends one of the following commands to the remote location:
The Trojan may steal the following information from the compromised computer and send it to the remote location:
The Trojan may perform the following actions:
Security Advisories Database
Remote Code Execution Vulnerability in Microsoft OpenType Font Driver (07/21/2015): A remote attacker can execute arbitrary code on the target system.
Multiple Vulnerabilities in Linux kernel (03/04/2015)
SQL Injection Vulnerability in Piwigo (02/05/2015): SQL injection vulnerability has been discovered in Piwigo.
Cross-site Scripting Vulnerability in DotNetNuke (02/05/2015): A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.
Cross-site Scripting Vulnerability in Hitachi Command Suite (02/02/2015): A cross-site scripting vulnerability was found in Hitachi Command Suite.
Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling (01/30/2015): An attacker can perform a denial of service attack.
Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards (01/30/2015): An attacker can perform a denial of service attack.
Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys" (01/30/2015): An attacker can perform a denial of service attack.
Denial of service vulnerability in Linux Kernel splice (01/29/2015): An attacker can perform a denial of service attack.
Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression (01/20/2015): An attacker can perform a denial of service attack.