RPC Bug Hunting Case Studies – Part 2

[+] Target: appidsvc.dll
        [*] Is RPC server file
        [*] Potential DLL with arbitrary DACL modification: appidsvc.dll
[+] Target: AppVEntSubsystemController.dll
        [*] Is RPC server file
        [*] Potential executable arbitrary deletion: AppVEntSubsystemController.dll
[+] Target: AppXDeploymentServer.dll
        [*] Is RPC server file
        [*] Potential executable arbitrary deletion: AppXDeploymentServer.dll

CentOS Web Panel News

Big file upload via File Manager – Control WebPanel Wiki

To upload a big file via File Manager, we need to edit the CWP PHP configuration.

First, back up the configuration file /usr/local/cwp/php71/php.ini:

cp /usr/local/cwp/php71/php.ini /usr/local/cwp/php71/php.ini.bak

Edit the configuration file:

nano /usr/local/cwp/php71/php.ini

Locate upload_max_filesize, post_max_size and memory_limit. Change them to your size; in this case we are using 500MB. Please note that post_max_size and memory_limit need

Overview of Enterprise File Sync and Share Solutions

The Basics of Enterprise File Syncing and Sharing

Enterprise File Syncing and Sharing: Getting Started

When you own a business, you need the proper solutions for seamless data sharing and communication. Not only do your files need to be accessible by appropriate parties, they need to be kept up-to-date at

How to run cgi scripts with Apache

In this example we will add support for the following file extensions: .cgi .pl .py

We have set folder to be /home/*/public_html/ but you can set it to be /home/*/public_html/cgi-bin/ if needed.

Create File: /usr/local/apache/conf.d/mod_cgid.conf

LoadModule cgid_module modules/mod_cgid.so
Options ExecCGI SymLinksifOwnerMatch
SetHandler cgi-script
AddHandler cgi-script

Extended Party: ownCloud X Launch Event a Full Success

May 23 was the day we were all waiting for–ownCloud celebrated the launch of the latest enterprise edition of its file sync and share solution, ownCloud 10.0.2, at the KOMED event center in Cologne. As of now, ownCloud X is fully available to enterprise customers. In addition to exciting lectures

Deep Analysis of New Emotet Variant

Background Last week, FortiGuard Labs captured a JS file that functions as a malware downloader to spread a new variant of the Emotet Trojan. Its original file name is Invoice__779__Apr___25___2017___lang___gb___GB779.js.  A JS file, as you may be aware, is a JavaScript file that can be executed by a Window Script

FortiGuard Labs Telemetry – Cloud Application Usage Observations

Many internet moons ago, it was the norm to fix a cup of coffee while waiting for a 1-megabyte file download to complete. Innovators and early adopters of cloud storage at that time were faced with the challenge of limited internet bandwidth capacities and expensive leased lines. Storing and syncing

Microsoft Word File Spreads Malware Targeting Both Apple Mac OS X and Microsoft Windows

On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it

Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java

In part I of this blog we finished the analysis of the native layer and got the decrypted secondary dex file. Here in part II we will continue to analyze it. For the sake of continuity, we will maintain continuous section and figure numbers from part I of the blog. IV. The secondary
