Old Backdoor, New Obfuscation, (Sat, Mar 18th)
Malware Analysis, News and Indicators - Latest topics malware.news
When you’re hunting, sometimes you feel lucky because you spotted something that looks brand new, but sometimes it’s not new or… the code has been changed to bypass existing detections. Here is a perfect example. A few months ago, Juniper discovered[1] a backdoor targeting VMware ESXi servers, more precisely, the OpenSLP service (CVE-2019-5544 and CVE-2020-3992).
Article Link: https://isc.sans.edu/diary/rss/29646