Vermelho (Red): New variant of the Mirai Botnet Exploits 9 Vulnerabilities

Haythem Elmir

A new Variant of Mirai Malware recently started recruiting devices IoT written by @mezy1337. This malware uses hosted servers to find and infect new victims . Samples were served from the IP 46.243.189.102 Malware Samples: 10f0429cee0a52a569c14bee727f3f66:VAMPWROTESATORI.x86 3672ec68839541e7263f491ce9407ec9:vermelho.i686 156e888c32c38677ae970b3a944e8e0e:vermelho.arm7 b125deca7501e13667eaf0804d44a5a7:vermelho.m68k 1406cf02d6af6c2a33f86f93feebdc55:cpuvuln.x86 11e887988687b66cb29a5d395797b0e6:vermelho.mips64 e524abeb037e5295d8341519883ec733:vermelho.mips fb926ee35a240e1bd6761c2d416ef392:vermelho.i486 f9e73ae79a618df43b3bf0ff06818979:vermelho.x86_64 b89870c84f62606b8c1337f120198362:vermelho.sh4 98c35212c42a39cac579afbfb271ba9c:vermelho.arm5 9229e931e806b30967863a1d0f78fb3e:vermelho.mipsel d54456cc11c710f6b4431e0e9593ac02:vermelho.arm6 93b642bb132f757617ff3221ebefab53:vermelho.powerpc-440fp 1da0c2b1c860c334b3220687b15c1e95:vermelho.powerpc c19c397f73adbb3a8247f8670a895e30:vermelho.x86 53b539f6f9824d538f5a28f29ba2e9c4:vermelho.arm4 fb94e136404fcd1de3ba95cb09d8f6ba:vermelho.sparc […]

Most Advanced Backdoor Obfuscation and Evasion Technique That used by Hackers

Haythem Elmir

Cybercriminals are using the most sophisticated techniques to bypass the security controls in various organization such as  IT, medical, manufacturing industries, energy sectors, even government entities. Sometimes developers are creating a backdoor for a legitimate purpose such as maintenance and easy accessibility during the technical issue via a remote location. But […]

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Haythem Elmir

Experts discovered nine vulnerabilities affecting NAS devices that could be exploited by unauthenticated attackers to access protected content. Nine flaws affecting NAS devices could be exploited by unauthenticated attackers to access protected content. The vulnerabilities are traked as CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081 and CVE-2018-9082. According to Lenovo, the flaws affect 20 models of network attached storage […]

WifiPhisher – WiFi Crack and Phishing Framework

Haythem Elmir

Wifiphisher is an open source framework that can be utilised for red team engagements for wireless networks through Man in the Middle attacks. The tool is capable of using the modern wifi association techniques, such as Known Beacons, KARMA, and Evil Twin. With the ‘Known Beacons’ technique, Wifiphisher broadcasts ESSIDs […]

Researchers associated the recently discovered NOKKI Malware to North Korean APT

Haythem Elmir

Security experts from Palo Alto Networks have collected evidence that links the recently discovered NOKKI malware to North Korea-Linked APT. Researchers from Palo Alto Networks have spotted a new variant of the KONNI malware, tracked as NOKKI. that was attributed to North Korea-linked attackers. NOKKI borrows the code from the KONNI malware, the latter […]