A new type of malware found on the wild called SmallB

on April 12, 2016

Sceptive has found a new brand of malware called SmallB during an incident investigation. After initial analysis, we have detected C&C servers for the malware but could not find any major clue about whereabouts or origins of the attackers. Due to our contact with service providers and financial corporations and banks that malware targeted, we observed that C&C servers went down immediately without a trace.

CVE-2014-3518 JBoss EAP/AS 5: Remote code execution

on September 16, 2014

JBoss Application Server (JBoss AS) is an open-source, cross-platform Java application server developed by JBoss, a division of Red Hat Inc. JBoss AS is an open-source implementation of Java 2 Enterprise Edition (J2EE) that is used for implementing Java applications and other Web-based applications and software.

Unpatched Atlassian products still reign over a critical security flaw

on August 12, 2014

Atlassian released a security advisory nearly 8 months ago and released patches for a very critical vulnerability contained nearly all web based products.

Description of vulnerability was not sufficent for potential black hats but given patches leaked all the details they need.

CVE-2014-3750 Bilyoner mobile apps prone to various SSL/TLS attacks

on May 15, 2014

Bilyoner is an online betting platform for various betting options on idda , spor toto, milli piyango, tjk.

We have found that mobile apps vulnerable to SSL/TLS attacks which eventually lets attackers to gain sensitive information and hijack user sessions.