Tag: backdoored

security

MAR-10459736.r1.v1 WHIRLPOOL Backdoor

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
security

SANS Stormcast Monday, March 23rd, 2026: GSocket Backdoor in Bash; Oracle Security Alert; Rockwell Attacks

GSocket Backdoor Delivered Through Bash Script https://isc.sans.edu/diary/GSocket+Backdoor+Delivered+Through+Bash+Script/32816/#comments Oracle Security Alert CVE-2026-Adresse geschuetzt https://blogs.oracle.com/security/alert-cve-2026-21992 Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet and Harden PLCs to Protect from Cyber Threats https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html

Mehr lesen →
security

BRICKSTORM Backdoor

Malware Analysis at a Glance Malware Name     BRICKSTORM Original Publication Dec. 4, 2025  Last Update Feb. 11, 2026  Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre for Cyber Security (Cyber Centre) assess People’s Republic of China (PRC) state-sponsored cyber actors are using BRICKSTORM malware for long-term persistence […]

Mehr lesen →
security

SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day

Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client preinstalled on recent Windows systems. The backdoor is implemented via an SSH configuration file that instructs the SSH client to connect to a remote system and forward a shell on a random port. This will make the shell accessible […]

Mehr lesen →