Word Zero Day Attacks Use Complex Chain of Exploits

The exploit that attackers are using to target a zero day vulnerability in Microsoft Word relies on a complex series of pieces, including an ASLR bypass, ROP techniques and shellcode with several layers of tools designed to detect and defeat analysis. Microsoft officials said the exploit is being...

Syrian Electronic Army kept their promise; Microsoft's Office blog hacked

Yesterday Night Microsoft has faced another targeted attack by the Syrian Electronic Army SEA, a group supposed to be aligned with Syrian President Bashar al-Assad. The SEA group is popular for its advance phishing attack and using the same technique they also hacked into the Official Twitter...

Facebook - Delete The Admin Of Any Page Exploit

It is possible to delete the admin of any page just with a single click.This can also be converted into a bot or a worm leading to the deletion of admin of thousands of pages. It is also possible to fully automate this worm.It is very effective when we aim for wide spread attack.Targeted attacks...

Technical details of the targeted attack using IE vulnerability CVE-2013-3918

Over the weekend we became aware of an active attack relying on an unknown remote code execution vulnerability of a legacy ActiveX component used by Internet Explorer. We are releasing this blog to confirm one more time that the code execution vulnerability will be fixed in today’s UpdateTuesday...

Attackers Targeting MS13-055 IE Vulnerability

Attackers are using an Internet Explorer vulnerability, which Microsoft patched yesterday, in targeted attacks that also employ a malicious Flash file installed through a drive-by download launched by compromised Web pages. The exploit that’s being used is capable of bypassing both ASLR and DEP...

Stolen Opera Code-Signing Certificate Used to Sign Malware

Opera Software said it was able to contain the impact of a security breach that resulted in the theft of an expired code-signing certificate used to sign malware distributed to Windows users during a 36-minute stretch on June 19. Opera developer Sigbjorn Vik said the browser maker was victimized ...

Section flood CMS XSS targeted attacks vulnerabilities, you can get any of the user Cookie-vulnerability warning-the black bar safety net

Brief description: Section flood CMS XSSthe directional attack vulnerability, can get any user Cookie Detailed description: Section flood CMS provided by default member registration function, the members of Station Information within the module there is a storage-typeXSSvulnerabilities that can b...

Human Rights Activists targeted with new Android malware

Tibetan and Uyghur activists are once again targeted with a new malware, specially designed for Android devices. This is the first documented attack that targets Android smartphones. Security researchers at Kaspersky say they've found a targeted malware attack on Android phones that seems to come...

Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents

On March 16th, we discovered a premeditated waterhole campaign that hosts exploits and malware on websites frequented by a specific target group. In this case the target includes Chinese dissidents. For the attacker, this approach is highly attractive since it is very difficult to discover the...

DARPA Seeking Help With Targeted Attack Analysis

The networks of government agencies and the military are under constant attack from a variety of sources, and the U.S., like most other countries, relies on those networks to not just run daily operations, but to support missions around the world. In the face of those attacks, the Department of...

Batchwiper malware, new virus targets Iranian computers

Iranian CERT is sounding the alarm over another bit of data-deleting malware it's discovered on PCs in the country. Dubbed Batchwiper, the malware systematically wipes any drive partitions starting with the letters D through I Drive, along with any files stored on the Windows desktop of the user...

Batchwiper malware, new virus targets Iranian computers

Iranian CERT is sounding the alarm over another bit of data-deleting malware it's discovered on PCs in the country. Dubbed Batchwiper, the malware systematically wipes any drive partitions starting with the letters D through I Drive, along with any files stored on the Windows desktop of the user...

Zitmo Trojan Variant Eurograbber Beats Two-Factor Authentication to Steal Millions

Online banking customers in Europe are falling victim by the thousands to a new banking Trojan that is infecting Android and BlackBerry devices and is capable of defeating two-factor authentication. The Trojan, dubbed Eurograbber by researchers at Check Point Software Technologies and Verasafe, i...

Iran still on target of 'Mahdi' malware after detection

In JULY Kaspersky Lab and Seculert revealed the presence of a new cyber-espionage weapon known targeting users in the Middle East. Despite the recent uncovering of the 'Madhi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread...

MyAgent Trojan Targets Defense and Aerospace Industries

FireEye Security experts are analyzing a targeted trojan that leverages emailed PDF files to gain access to systems and deliver its payload to specified networks in the aerospace, chemical, defense and tech industries. "We have seen different versions of this malware arriving as an exe inside a...

Email Trojan Targeting Defense, Aerospace and Other Industries

What has the makings of a targeted attack campaign against several high-value industries is using a Trojan that employs rigged PDFs to deliver its payload. Targeting organizations in the defense, chemical, technology, and aerospace industries, the MyAgent trojan is primarily spreading through ema...

DarkComet RAT Used in New Attack on Syrian Activists

There is a new attack campaign that’s targeting dissidents in Syria by enticing them to install an alleged security tool called AntiHacker, but instead installs the infamous DarkComet remote access tool that has the ability to log keystrokes, capture webcam images and take other surreptitious...

AutoCAD Worm Stealing Designs, Blueprints

Security researchers have come across a new worm that is meant specifically to steal blueprints, design documents and other files created with the AutoCAD software. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen document...

CVE-2011-4817

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management...

Attackers Reused Adobe Reader Exploit Code From 2009 In Extremely Targeted Hacks

The targeted attack that exploited a previously unknown vulnerability in Adobe’s Reader application last month was extremely focused on defense industrial base firms, and affected just a handful of systems, according to a company spokesman. Fewer than 20 machines, spread across a number of firms ...