GongDa vs. Korean News
On Jan. 27, we observed visitors to a Korean news site being redirected to the GongDa Exploit Kit (EK), potentially exposing them to malware infection. We will be referring to this site as KNS. GongDa is an exploit kit that can compromise vulnerable endpoints by use of exploits, allowing harmful...
WordPress Hacks Behind Spike in Neutrino EK Traffic
Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said. In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlie...
Rig Exploit Kit 3.0 Claims 1 Million Malvertising Victims
LAS VEGAS – A rampant malvertising campaign fueled by a new version of the Rig Exploit Kit has claimed at least 950,000 victims worldwide and is doing so with an unprecedented success rate. Researchers at Trustwave said in advance of this week’s Black Hat conference that they have been watching...
Thunderstrike 2 Mac OS X Firmware Worm
A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week’s Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that...
Hacking Team keep track of the Flash Exploit-vulnerability warning-the black bar safety net
Background 7 months since the leaked 0day also really let the people rejoice let the people worry. Compared to Malwaredontneedcoffee from time to time the release of the sample in the inhuman confusion of the encryption, they HackTeam offer but retracted neat, variable naming Convention, comments...
Hacking Team attack code analysis Part 2: a Pwn2Own vulnerability of the fantasy drifting-vulnerability warning-the black bar safety net
Before we analyze the HackingTeam leaked data in the Flash 0day bytearray 0day. And in the leaked data, we've also seen another one called convolutionfilter flash exploit that. Look at this flash exploit, and soon realized that this vulnerability is a already patched the vulnerability, cve-2 0 1...
New Utility Decrypts Files Lost to TeslaCrypt Ransomware
Crypto-ransomware variants have enterprises on edge because of the threat of irreversibly damaged files. Some organizations, including most recently the Tewksbury, Ma., police department, have gone as far as to pay hundreds of dollars in ransom for the recovery key. Some technology companies are...
Ransomware Teslacrypt Still Targeting Gamers
Teslacrypt, the fairly new strain of ransomware that’s been targeting gamers, is continuing to make the rounds online. Researchers have spotted exploit kits like Sweet Orange and Angler dropping the malware on machines over the past few months. This week, Brad Duncan, a handler over at the SANS...
CryptoLocker Variant Coming After Gamers
Gamers may soon be feeling the pain of crypto-ransomware. A variant of CryptoLocker is in the wild that goes after data files associated with 20 different online games, locking downloadable content in an attempt to target younger computer users. Researchers at Bromium today said an unnamed...
Microsoft to Patch IE 10 Zero Day March 2014 Patch Tuesday
Microsoft will patch a lingering zero-day vulnerability in Internet Explorer next Tuesday, one of five bulletins it will release as part of its March 2014 Patch Tuesday security updates. The IE 10 zero-day was disclosed close to a month ago when researchers at FireEye reported on Operation SnowMa...
IE Zero-Day Watering Hole Attack Expands to Handful of Political Sites
The scope of watering hole attacks utilizing a previously unreported vulnerability in Internet Explorer has widened to as many as four new sites, all of them with politically charged leanings. The attacks further demonstrate the effectiveness of watering hole attacks compared to phishing attacks...
CFR watering hole attack also target Capstone Turbine Corporation
Last week the Council on Foreign Relations website was compromised and recently hit by a drive-by attack using a zero-day Internet Explorer 6 vulnerability for a cyber espionage attack, suspected by Chinese Hackers. Later Microsoft confirmed that Internet Explorer 6, 7, and 8 are vulnerable to remote...
Adobe Flash (Embedded in PDF) LIVE VIRUS/MALWARE Exploit
Exploit for unknown platform in category local exploits: Adobe Flash Embedded in PDF LIVE VIRUS/MALWARE Exploit...
UBUNTU-CVE-2007-5109
Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a noneLogin action, as demonstrated by using...
Microsoft Internet Explorer 6.0 Macromedia Flash Player Plugin - Remote Denial of Service
source: https://www.securityfocus.com/bid/10057/info It has been reported that Macromedia Flash Player for Internet Explorer may be prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue is reported to exist in the 'LoadMovie' function by...