3971 matches found
CVE-2014-4114 variant sample analysis - vulnerability warning - the black bar safety net
Found a CVE-2014-4114 variant sample with the malicious code embedded in it; it can be triggered locally, with no need to download malicious code from a remote shared server. Opening the sample in UltraEdit shows a block of PE module information: ...
UBUNTU-CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a...
New GameOver Zeus Botnet Malware Variant Surfaces
The GameOver Zeus takedown was trumpeted as a victory against cybercrime, and for all its success, even those involved understood it was likely a temporary win. Researchers at Seculert have spotted a new variant of GameOver Zeus that has spurned previous versions’ peer-to-peer communication...
Havex, It’s Down With OPC
FireEye recently analyzed the capabilities of a variant of Havex referred to by FireEye as “Fertger” or “PEACEPIPE”, the first publicized malware reported to actively scan OPC servers used for controlling SCADA (Supervisory Control and Data Acquisition) devices in critical infrastructure, e.g., wate...
UBUNTU-CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...
PHP 5.4 (5.4.3) Code Execution (Win32)
No description provided by source. // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish...
Microsoft NetMeeting 3.0.1 4.4.3385 Remote Desktop Sharing DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1798/info The Remote Desktop Sharing component of Microsoft NetMeeting for Windows NT 4.0 / 2000 does not properly handle a particular type of malformed input string sent over port 1720. CPU utilization can be caused to...
PHP <= 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Dereference
No description provided by source. ?php / PHP = 5.4.3 wddxserialize / streambucket Variant Object Null Ptr Derefernce Author : condis Date : 10.04.2012 AD Website : http://cond.psychodela.pl ---- Download : http://php.net/downloads.php Tested on: PHP 5.3.8 + Windows XP SP3 Professional PL PHP...
Accipiter DirectServer 6.0 - Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9389/info This vulnerability may allow an attacker to gain access to files that reside outside of the web root directory using a specially crafted URI that contains URL-encoded variations of directory traversal sequences...
Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This...
SGI IRIX <= 6.2 fsdump Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/355/info A number of vulnerabilities exist in the fsdump program included with Silicon Graphics Inc's IRIX operating system. Each of these holes can be used to obtain root privilege. Variant 1: irix% /var/rfindd/fsdump...
Adobe Acrobat Reader (UNIX) 5.0 6,Xpdf 0.9x Hyperlinks Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially...
Click-Fraud Sefnit Variant Shuns Tor for SSH
Sefnit was the first malware family to shed light on the problem of botnets and other malicious code using the Tor anonymity network as a communication protocol. While others before and since have done the same, Sefnit made the biggest splash at the end of last summer when the botnet caused a 600...
Cryptolocker Ransomware makes different Bitcoin wallet for each victim
When you're online, you expose your vulnerability to malicious viruses that have been growing in virulence and ferocity over the last few years. Among home PC users, you may think that you are protected from malicious software by installing an effective, trusted antivirus solution, but most of the...
DirtJumper Variant Drive Now Includes Mitigation Bypass
Drive, a variant of the do-it-yourself DDoS toolkit DirtJumper, holds a unique position among malware that organizations targeted by these debilitating attacks need to be aware of. Researchers at Arbor Networks revealed today that a new version of Drive has been spotted with features that enable ...
Citadel Banking Malware Variant Delivers Localized Content
With builders for the Citadel Trojan freely available on any number of underground criminal forums, it’s no surprise to see some legs left in the malware despite a takedown of more than 1,400 Citadel botnets less than a month ago by U.S. law enforcement and Microsoft. A new variant has popped up ...
Threat Outbreak Alert: Fake Bank Payment Transfer Notification Email Messages on September 25, 2014
Low Alert ID: 29776 First Published: 2013 June 25 14:23 GMT Last Updated: 2014 September 25 19:02 GMT Version: 49 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank payment transfer notification for the recipient. The text in the...
[SECURITY] Fedora 18 Update: nagios-3.5.0-5.fc18
Nagios is a program that will monitor hosts and services on your network. It has the ability to send email or page alerts when a problem arises and when a problem is resolved. Nagios is written in C and is designed to run under Linux and some other *NIX variants as a background process,...
New Dirt Jumper Variant 'Drive' More Refined Than Original
Researchers have detected new attacks originating from a souped-up variant of the DIY Dirt Jumper DDoS toolkit they’ve taken to calling Drive. While it hasn’t been seen spreading through any underground forums yet, the up-and-coming threat apparently boasts a “much more powerful DDoS engine than...
Threat Outbreak Alert: Fake Banking Account Information Email Messages on December 4, 2013
Low Alert ID: 29732 First Published: 2013 June 20 14:04 GMT Last Updated: 2013 December 6 18:22 GMT Version: 9 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a banking account information notification for the recipient. The text in th...