malware

How exploit packs are concealed in a Flash object
One of the most important features of a malicious attack is its ability to conceal itself from both protection solutions and victims. The main role in performing a hidden attack is played by exploits to software vulnerabilities that can be used to secretly download malicious code on the victim machine. Generally, exploits are distributed in exploit packs which appear in the form of plugin detect..

“No iOS Zone” – A New Vulnerability Allows DoS Attacks on iOS Devices
In today’s RSA Conference presentation, (Tuesday, April 21, 2015 | 3:30 PM – 4:20 PM | West | Room: 2001) Adi Sharabani, CEO and my fellow co-founder at Skycure, and I covered the lifecycle of vulnerabilities and vendor pitfalls. We also shared some details about a vulnerability our team recently identified in iOS 8 — a vulnerability that we are currently working with Apple to fix. In this post, ..

Phoenix: RootPipe lives! ...even on OS X 10.10.3
Recently, a new OS X priv-esc vulnerability named 'rootpipe' was disclosed. Apple attempted to patch the vulnerability in OS X 10.10.3, by adding access checks via a new private entitlement: com.apple.private.admin.writeconfig. (see @osxreverser's excellent writeup for details). In theory this seemed a reasonable fix. However, on my flight back from presenting at Infiltrate (amazing conference btw..

Analysis Of MS15-034
By now you’ve undoubtedly heard about MS15-034. The following is a collection of my cursory research and thoughts on this vulnerability. In addition, here is a small list of related resources, some of which I also reference in the sections that follow: Microsoft Security Bulletin MS15-034 (Microsoft); The Delicate Art of Remote Checks – A Glance Into MS15-034 (Beyond Trust); MS15-034: HTTP.sys (IIS) D..

Solarbot botnet
Solarbot, a.k.a. Dapato or Napolar, is a classical botnet that has been around for a long time. It is usually used for spreading other malware. Like its competitors, this malware often comes with built-in DDoS and proxy modules. The most recent version of Solarbot attempts to add Tor network support to conceal its C&C server. However, it seems that this feature is either still undergoing develop..

The Chronicles of the Hellsing APT: the Empire Strikes Back
Introduction. One of the most active APT groups in Asia, and especially around the South China Sea area is "Naikon". Naikon plays a key part in our story, but the focus of this report is on another threat actor entirely; one who came to our attention when they hit back at a Naikon attack. Naikon is known for its custom backdoor, called RARSTONE, which our colleagues at Trend Micro have described in..

Taking a Close Look at Data-Stealing NionSpy File Infector
W32/NionSpy is a family of malware that steals information from infected machines and replicates to new machines over networks and removable thumb drives. Aside from stealing keystrokes, passwords, Bitcoins, system information, and files on disk, NionSpy (also known as Mewsei and MewsSpy) can record video (using the webcam), audio (using the microphone), take screenshots, and use infected machin..

Fiesta Exploit Kit Spreading Crypto-Ransomware – Who Is Affected?
Exploit kits have long been used to deliver threats to users, but they seem to have gone retro: it was recently being used to deliver fake antivirus malware. We closely monitor exploit kit activity because of their widespread use (we discussed their use in malvertising recently), so it was no great surprise to see the Fiesta exploit kit being used to deliver crypto-ransomware. The choice of expl..

Without a Trace: Fileless Malware Spotted in the Wild
With additional analysis from David Agni. Improvements in security file scanners are causing malware authors to deviate from the traditional malware installation routine. It’s no longer enough for malware to rely on dropping copies of themselves to a location specified in the malware code and using persistence tactics like setting up an autostart feature to ensure that they continue to run. Securi..

GOZ and CryptoLocker Malware Affecting Users Globally
GOZ and CryptoLocker are two of the most notorious malware that we have seen as of late. CryptoLocker is a ransomware that not only locks the system it affects, but also encrypts certain files found in the system's hard drive. This may be a tactic to ensure that the victim pays the ransom, as there is no other way to decrypt the files but with a key that the cybercriminals responsible can only p..