News

A new type of malware found in the wild, called SmallB

Sceptive found a new brand of malware called SmallB during an incident investigation. After initial analysis, we detected C&C servers for the malware but could not find any major clue about the whereabouts or origins of the attackers. Following our contact with the service providers, financial corporations and banks that the malware targeted, we observed that the C&C servers went down immediately without a trace.


CVE-2014-3518 JBoss EAP/AS 5: Remote code execution

JBoss Application Server (JBoss AS) is an open-source, cross-platform Java application server developed by JBoss, a division of Red Hat Inc. JBoss AS is an open-source implementation of Java 2 Enterprise Edition (J2EE) that is used for implementing Java applications and other Web-based applications and software.


Unpatched Atlassian products still reign over a critical security flaw

Atlassian released a security advisory nearly 8 months ago, along with patches for a very critical vulnerability present in nearly all of its web-based products.

The description of the vulnerability was not sufficient for potential black hats, but the released patches leaked all the details they need.


CVE-2014-3750 Bilyoner mobile apps prone to various SSL/TLS attacks

Bilyoner is an online betting platform offering various betting options on idda, spor toto, milli piyango and tjk.

We have found that the mobile apps are vulnerable to SSL/TLS attacks, which eventually let attackers gain sensitive information and hijack user sessions.


CVE-2014-2992 Misli.com Android App SSL certificate validation weakness

Misli.com is an online betting website which also provides an Android app to make betting easier for its members.

We have found that the Android app is vulnerable to SSL MITM attacks (http://en.wikipedia.org/wiki/Man-in-the-middle_attack), which eventually let attackers gather user names and passwords and hijack the sessions of the app's users.


CVE-2014-2993 Birebin.com Android App SSL certificate validation weakness

Birebin.com is an online betting website which also provides an Android app to make betting easier for its members.

We have found that the Android app is vulnerable to SSL MITM attacks (http://en.wikipedia.org/wiki/Man-in-the-middle_attack), which eventually let attackers gather user names and passwords and hijack the sessions of the app's users.

Description

In misconfigured network environments, it is possible to redirect HTTPS packets through MITM tools for SSL sessions.


Memcached < 1.4.17 SASL authentication bypass

