Blog Posts

Home / Blog Posts

Posted on April 8, 2021

Blog Posts

KollectApps Insecure Java Deserialization (CVE-2021-27335)

KollectApp is a desktop application used heavily in the banking sector; it’s used to manage loan collection given to customers by the bank.While doing a penetration test on the application, I discovered critical insecure java deserialization that leads to remote code execution.During testing, I noticed the presence of java serialized payload at one of the application's requests. Since I decompiled the application jar files, I know that the commons collection gadget exists....

Read Post

by Ahmed Attalla

5

Posted on September 6, 2020

Blog Posts, Malware Analysis

THANOS RELATED MALWARE

1 Malware Summary 1.1 Malware description Malcrove has discovered a persistent malware that has been active in targeting an organization in the Energy industry. The malware infects a victim’s host with a ransomware, encrypts certain files and tries to spread over the local network to infect other hosts. Our research revealed that the malware was created with the Thanos builder. Thanos is a RaaS (Ransomware as a Service) that provides buyers...

Read Post

by Ahmed Attalla

0

1

Search for: