Security News > 2020 > January > News Wrap: PoC Exploits, Cable Haunt and Joker Malware
Tom: Well, yeah, I will say that in a situation when you have a zero day or you have an unpatched vulnerability, I could make an argument that it is irresponsible and you know the disclosure of a PoC might be better suited for a bad channel as opposed to a chest-beating researcher who just wants some fame and maybe not so much fortune.
I think it was called Cable Haunt and it was in multiple cable modems that are used by ISPs to provide broadband into homes so you know what's going on there?
So a lot of different vendors of different cable modems, like Arris and Technicolor and some of the other you know, well known names in that particular side of tech industry have taken this Broadcom reference architecture.
Google was saying that, you know, to date, since the Joker appeared, which has only been like, I think, like 18 months or something, they removed 17,000 Android apps that have been infested with Joker.
Lindsey: Yeah, in terms of, you know, Joker being kind of billing fraud and being based on that, how is that similar or different to, because we also this week wrote about "Fleeceware apps" which essentially are kind of trick users into subscribing to a service on the app that could you know, be also used as free and then you know, ended up ending up racking like tons of money from victims so you know, it that similar or different from that?
News URL
https://threatpost.com/news-wrap-poc-exploits-cable-haunt-and-joker-malware/151980/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)