Security Alerts & News
by Tymoteusz A. Góral

History
#2142 DoubleAgent: 0day code injection and persistence technique
We’d like to introduce a new Zero-Day technique for injecting code and maintaining persistency on a machine (i.e. auto-run) dubbed DoubleAgent.

DoubleAgent can exploit:

* Every Windows version (Windows XP to Windows 10);
* Every Windows architecture (x86 and x64);
* Every Windows user (SYSTEM/Admin/etc.);
* Every target process, including privileged processes (OS/Antivirus/etc.);

DoubleAgent exploits a 15 years old legitimate feature of Windows and therefore cannot be patched.

Read more
#2149 Soundwaves used to produce fake data from accelerometers
#2148 A new trend in Android adware: abusing Android plugin frameworks
#2147 LastPass bugs allow malicious websites to steal passwords
#2146 Winnti abuses GitHub for C&C communications
#2145 Lithuanian con artist scams two US tech giants out of $100 million
#2144 Chinese crooks use fake cellular telephony towers to spread Android malware
#2143 Hackers: We will remotely wipe iPhones unless Apple pays ransom
#2142 DoubleAgent: 0day code injection and persistence technique
#2141 Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
#2140 New LLTP ransomware appears to be a rewritten venus locker
#2139 Swearing trojan continues to rage, even after authors’ arrest
#2138 Bitcoin scams: Beware of crooks trying to steal your cryptocurrency with these schemes
#2137 Word document spreads macro malware targeting both Windows and macOS
#2136 New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12