Updated 18 July 2019
Thieves routinely try to save new wages
The weakness of Oracle WebLogic for Monero
The Cryptocurrency program uses a disguised certificate file
Due to incorrect changes, the CVE-2019-2725 crash must be updated from April 26th.
[SANS ISC Original InfoSec
There have been reports that hackers made a mistake when configuring cryptocurrency, but they are now writing a new blog, Trend
This case was confirmed and the illusion of addiction was reexamined.
The idea of using certificates to hide malware is not new
For example, blog writers talk about Trend Micro Mark
Vicente, Johnlery Triunfante, Byron Gelera. The certificate is valid
You can delete hidden files and malware
The downloaded document has been checked because it is a document format certificate
This looks great when HTTPS is activated
The infection begins when malware uses CVE-2019-2725
Disable PowerShell and you have problems
Verify the document on server C2. Violation of regulations
Software management certification,
Enter a new name and it will be created from scratch
The certificate has been deleted
The essence of Microsoft’s trends is that the certificate file is not signed
The X.509 TLS file format is common, but in
PowerShell command. This command contains a PowerShell script
Those who carry heavy luggage and other vehicles
The file is supported.
The same WebLogic tar is also used in the new SODOODS tool.