Lucene search
K

17 matches found

The Hacker News
The Hacker News
added 2014/12/04 9:22 p.m.22 views

Operation Cleaver — Iranian Hackers Targeting Critical Infrastructure Worldwide

For over past two years, Iranian hackers have infiltrated computer networks of some of the world's top organizations including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies,...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2013/03/18 7:49 p.m.16 views

Using Kernel Exploits to Bypass Sandboxes for Fun and Profit

Researchers and attackers alike are quickly discovering you don’t need a fancy Java or Flash exploit to beat application sandboxes. Exploiting an unpatched kernel vulnerability in the underlying operating system, one that’s likely to stay unpatched for a long time, will do just fine. Twice this...

0.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/06/11 6:57 p.m.13 views

Attorney General Holder Announces Probe Into Cyberwar Leaks

U.S. Attorney General Eric Holder has issued an assignment to the U.S. District Attorneys to start an investigation into possible leaks of classified information, presumably by individuals within the Obama administration who recently spoke anonymously about the administration’s ties to the...

0.4AI score
Exploits0References6
The Hacker News
The Hacker News
added 2012/03/21 9:55 p.m.9 views

Face to Face with Duqu malware

Face to Face with Duqu malware Once again we discuss about Stuxnet, cyber weapons and of the malware that appears derivate from the dangerous virus. The international scientific community has defined a Stuxnet deadly weapon because been designed with a detailed analysis of final target environmen...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2012/02/10 3:2 p.m.13 views

Boldizar Bencsath

Boldizar Bencsath discussed several recent targeted attacks, including Duqu, an attack he experienced firsthand. Bencsath led a small group of researchers in September 2011 in the Laboratory of Cryptography and System Security CrSyS of Budapest University of Technology and Economics, to identify...

1.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.62 views

MS11-087: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)

The remote host is running a version of the Windows kernel that is affected by a remote code execution vulnerability. Specially crafted TrueType fonts are not properly handled, which could allow arbitrary code execution in kernel mode. A remote attacker could exploit this vulnerability by trickin...

9.3CVSS6.8AI score0.78285EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2011/11/16 5:7 p.m.12 views

Researchers 'Convinced' Duqu Written By Same Group as Stuxnet

Researchers are fairly confident now that whoever wrote the Duqu malware also was involved in some way in developing the Stuxnet worm. They’re also confident that they have not yet identified all of the individual components of Duqu, meaning that there are potentially some other capabilities that...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2011/11/11 3:19 p.m.9 views

Duqu Attackers Using Word Docs As Attack Vector

As the analysis of the Duqu malware continues to evolve, the picture that’s emerging is becoming more and more intriguing. The latest bits of evidence uncovered show that not only do the attackers create custom files for each individual attack, there is evidence indicating that they might have be...

0.7AI score
Exploits0References2
The Hacker News
The Hacker News
added 2011/11/06 6:24 a.m.7 views

Duqu malware was created to spy on Iran's nuclear program

Duqu malware was created to spy on Iran's nuclear program A Report by Kaspersky Lab Expert, Ryan Naraine says that the DUQU malware was created to spy on Iran's nuclear program. IrCERT Iran's Computer Emergency Response Team Duqu is an upgraded version of "Stars". Back in April this year, The...

9.3CVSS6.4AI score0.78285EPSS
Exploits1
CISA
CISA
added 2011/11/04 12:0 a.m.11 views

Microsoft Releases Security Advisory for Vulnerability in TrueType Font Parsing

Microsoft has released Microsoft Security Advisory 2639658 to address a vulnerability in the Win32k TrueType font parsing engine. By convincing a user to open a malicious email attachment, an attacker may be able to exploit this vulnerability and execute arbitrary code. Microsoft has indicated th...

7.2AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/11/04 12:0 a.m.39 views

MS KB2639658: Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege (DEPRECATED)

The remote host has an unspecified code execution vulnerability in the Win32k TrueType font parsing engine. Specially crafted TrueType fonts are not properly handled, which could allow arbitrary code execution in kernel mode. A remote attacker could exploit this vulnerability by tricking a user...

7AI score0.78285EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2011/11/03 7:11 p.m.15 views

No Fix for Duqu Bug in November Microsoft Patches?

Microsoft plans on shipping four bulletins, of which only one is rated critical, in the November edition of Patch Tuesday. But it looks doubtful that the company will issue a fix for the vulnerability discovered this week being used by the Duqu installer. The patch is set for release on Tuesday,...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2011/11/02 6:30 p.m.10 views

Microsoft Mum On Duqu Fix In November

Microsoft said that its looking into a reported zero day vulnerability in Windows that was used by the Duqu malware to spread, but isn’t committing to a patch for the problem in time for this months scheduled update. “Microsoft is collaborating with our partners to provide protections for a...

1.2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/11/01 7:17 p.m.3 views

Windows Kernel Zero Day Vulnerability Found in Duqu Installer

Windows Kernel Zero Day Vulnerability Found in Duqu Installer Duqu malware attack exploited a zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan. The vulnerability has since been reported to Microsoft and Microsoft i...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2011/11/01 6:33 p.m.8 views

Duqu Installer Contains Windows Kernel Zero Day

A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn’t clear right...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2011/10/26 1:56 p.m.17 views

The Mystery of Duqu: Part Two

Our investigation and research of Duqu malware continues. In our previous report, we made two points: there are more drivers than it was previously thought; it is possible that there are additional modules. Besides those key points, we concluded that unlike the massive Stuxnet infections, Duqu...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2011/10/18 9:11 p.m.11 views

Analysis: Duqu Targets Certificate Authorities

With virus researchers scrambling to decode a new piece of malware that is based on the code of the Stuxnet worm, an analyst at McAfee is speculating that the new worm, Duqu, may have been created to target certificate authorities. Writing on McAfee’s research blog, Guilherme Venere and Peter Szo...

0.7AI score
Exploits0References4
Rows per page
Query Builder