Zyxel Threat Intelligence (Release Date: 2022-02-01)
ZyWALL's latest virus/malware signature update protects you against more malware and threats. See how ZyWALL defends against these threats.
Part 1 – Virus/Malware Spotlight
Part 2 – Intrusion Detection Highlight
Part 3 – Application Patrol Highlight
This article focuses on Trojans. Parts 2 and 3 will be included in the February Monthly Threat Report, covering the Intrusion Detection and Application Patrol updates. You can view more about their details, history, and signature information in the Zyxel Encyclopedia.
(Number of updated Virus/Malware signatures: 904)
Zyxel keeps malware detection up to date. Currently, Zyxel detects and removes threats including Trojan.PasswordStealer and Trojan.BitCoinMiner.
Password stealers are a type of malware that steal passwords and other sensitive information. They may also secretly install and perform several malicious actions on your PC.
How it works
Trojan.PasswordStealer may be distributed using various methods. Attackers often deploy Trojan.PasswordStealer as part of another harmful program such as a trojan-dropper, which silently installs the trojan-spy on a device.
It may also be distributed as an email attachment, using social engineering to trick users into opening the attached file, which silently installs Trojan.PasswordStealer. The trojan is also particularly prevalent on the Android platform, where it can be found in copies of legitimate apps. Users are directed to the malicious versions through advertising.
A Trojan.PasswordStealer enables keylogging and stays active in Windows memory. It starts keylogging when the user enters a login ID and a password.
After logins and passwords are stolen, the attacker can read a user's email on public and corporate mail servers. The attacker can also gain access to more sensitive information such as banking accounts.
Trojan.BitCoinMiner identifies a program that attackers wrote to hijack the physical resources of other people's computers, including memory and processing power. Crypto-mining is resource intensive and usually incurs a high energy cost. Attackers avoid this cost by silently installing Trojan.BitCoinMiner through fake software downloads and updates, forcing victims' computers to mine bitcoins or other forms of digital cryptocurrency for them. Programs identified as Trojan.BitCoinMiner can either function as a miner or install a separate component that can do so.
What Is Cryptocurrency?
A cryptocurrency is an anonymous and digital currency produced by a public network, rather than any government. It uses cryptography to make sure payments are sent and received safely and anonymously. Multiple cryptocurrencies exist, such as BitCoin, Ethereum and Monero.
(Updated: 12 / Cover Total: 5510)
Base Score: 10 high
Apache Log4j logging remote code execution
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. (Source: NIST)
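The version ranges in the description above can be turned into an inventory check. The following is an added example, not part of the original report or of any Zyxel or Apache tooling: it classifies log4j-core jar file names against those ranges. The status labels, function names, and sample file names are constructed for illustration, and treating later patch releases on the 2.3 and 2.12 lines as fixed is an assumption beyond the three releases the text lists.

```python
import re

# Back-ported security lines named in the advisory: 2.3.1 and 2.12.2/2.12.3.
# Assumption: later patch releases on those two lines keep the removal.
BACKPORT_MIN_PATCH = {(2, 3): 1, (2, 12): 2}
JAR_RE = re.compile(
    r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)(\d+))?\.jar$", re.I)

def classify(jar_name):
    """Map a log4j-core jar file name to its status under the advisory text."""
    m = JAR_RE.search(jar_name)
    if not m:
        return "not-log4j-core"          # log4j-api, log4net, log4cxx, ...
    ver = (int(m[1]), int(m[2]), int(m[3] or 0))
    pre = (m[4].lower(), int(m[5])) if m[4] else None
    if ver < (2, 0, 0):
        return "outside-range"
    # The affected range starts at 2.0-beta9; alphas and earlier betas precede it.
    if ver == (2, 0, 0) and pre and (
            pre[0] == "alpha" or (pre[0] == "beta" and pre[1] < 9)):
        return "outside-range"
    line_min = BACKPORT_MIN_PATCH.get(ver[:2])
    if ver >= (2, 16, 0) or (line_min is not None and ver[2] >= line_min):
        return "jndi-lookup-removed"
    if ver == (2, 15, 0):
        return "affected-lookup-off-by-default"
    return "affected"

def audit(jar_names):
    """Classify every name in an inventory listing."""
    return {name: classify(name) for name in jar_names}

# Constructed inventory, e.g. the output of a file search on application hosts.
SAMPLE = [
    "/opt/app/lib/log4j-core-2.14.1.jar",
    "/opt/app/lib/log4j-api-2.14.1.jar",
    "/srv/legacy/log4j-core-2.0-beta9.jar",
    "/srv/legacy/log4j-core-2.12.3.jar",
    "/srv/new/log4j-core-2.15.0.jar",
    "/srv/new/log4j-core-2.16.0.jar",
]

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{status:32} {name}")
```

A file-name check only finds jars that kept their original name; copies of log4j-core repackaged inside another archive need a content-based scan.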
Base Score: 8.8 high
Windows SMB Server Smb2UpdateLeaseFileName Remote Code Execution
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633. (Source: NIST)
(Added Application: 5 / All Application: 3847)