Tag: exploit

  • There is no evidence in-the-wild malware is using Meltdown or Spectre

    Almost a month after the Meltdown and Spectre attacks against various CPUs were discovered and revealed to the public, there have been reports of the existence of malware that appears to be using the published proof-of-concept code. The source of these reports is a Google Plus post from testing organization AV-Test, which lists the…

  • Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

    While avoiding the use of Flash is good advice for helping to fend off exploit kits, some of the vulnerabilities exploited by these kits actually target the browsers themselves. An important example of this is CVE-2016-0189, which affects Microsoft’s Internet Explorer browser versions 9 through 11. First discovered in the wild in targeted attacks…

  • CVE-2012-0158 continues to be used in targeted attacks

    30-month-old vulnerability still a popular way to infect systems. If all you have to worry about are zero-day vulnerabilities, you have got things pretty well sorted. Although it is true that sometimes zero-days are being used to deliver malware (such as the recent use of CVE-2014-4114 by the SandWorm group), in many cases even…

  • VB2014 preview: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

    Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of the research that will be presented at the event. Today, we look at the paper ‘Ubiquitous Flash, ubiquitous exploits and…

  • VB2014 preview: The three levels of exploit testing

    Richard Ford and Marco Carvalho present an idea for how to test products that claim to detect the unknown. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of the research that will be presented at the event. Today, we look at the paper ‘The…

  • Ruby on Rails vulnerability exploited in the wild

    Code executed on web servers to cause them to join IRC botnet. A critical vulnerability in Ruby on Rails is currently being exploited to make web servers join an IRC botnet, Ars Technica reports. The vulnerability was discovered and subsequently patched at the beginning of this year, but many website owners haven’t applied the…

  • Microsoft offers fix-it for IE 8 zero-day

    CVE-2013-1347 used in watering hole attacks. Following this weekend’s discovery of a new zero-day vulnerability in version 8 of Microsoft’s Internet Explorer browser, the company has released a ‘fix-it’ that addresses the known attack vectors. Last week (ironically on Labour Day), researchers at AlienVault discovered that the website of the US Department of Labor…

  • Vulnerabilities could trigger payload in emails upon receiving or opening

    Flaws in IBM Notes and Exim/Dovecot easy to mitigate. Two recently discovered vulnerabilities in mail processing software could give an attacker access to a targeted system without the need for any links to be clicked or attachments to be opened. When email security experts talk about “malicious emails”, they usually mean emails with malware attached,…