
malware

BEDEP Malware Tied To Adobe Zero-Days Continuing our analysis of the recent Adobe zero-day exploit, we find that the infection chain does not end with the Flash exploit, detected as SWF_EXPLOIT.MJST. Rather, the exploit downloads and executes malware belonging to the BEDEP family. Ties to BEDEP Malware: This detail is rather interesting, as this is not the first time an Adobe zero-day has used BEDEP malware as its final payload. Near th.. Read more
Exploiting memory corruption bugs in PHP (CVE-2014-8142 and CVE-2015-0231) Part 1 Many people don't consider memory corruption bugs to be an issue for web-based applications. With XSS and SQL injection still being so widespread, there is little room for concern for these types of bugs, as they're written off as "unexploitable" or plainly ignored. However, these types of attack are much worse than SQLi or XSS, as: the attacker gets guaranteed system access; it can be difficult to .. Read more
Create your own MD5 collisions A while ago a lot of people visited my site (~90,000) with a post about how easy it is to make two images with the same MD5 by using a chosen-prefix collision. I used Marc Stevens' HashClash on AWS and estimated the cost at around $0.65 per collision. Given the level of interest I expected to see cool MD5 collisions popping up all over the place. Possibly it was enough for most people to know i.. Read more
Operation Pawn Storm, aimed at espionage: malicious iOS apps identified Trend Micro has been continuing its investigation of Operation Pawn Storm and has identified a malicious Pawn (chess piece). It is a malicious program designed to steal information from iOS devices. This malware targeting Apple users is very alarming in itself, but it is also linked to targeted cyber attacks. ■ Background of Operation Pawn Storm: Operation Pawn Storm is a cyber attack aimed at economic and political espionage, targeting a wide range of companies and institutions, centered on the military, government, defense, and media. The cybercriminals carrying out Operation Pawn Storm tend to first move many pieces in order to approach the actual well-known companies or institutions they are targeting. And ultimately the targeted company .. Read more
CVE-2015-0313 Adobe has started rolling out an update to Flash Player which fixes the zero-day vulnerability we discussed earlier this week. This particular vulnerability can be exploited via all major browsers (Internet Explorer, Firefox, and Chrome); however, Chrome users are protected by that browser’s sandbox for its Flash plugin, protecting end users from any attacks. The patch brings the newest version o.. Read more
Internet Explorer Cross-Site Scripting Vulnerability Analysis by Henry Li and Rajat Kapoor. Security researcher David Leo has disclosed a new vulnerability in Microsoft Internet Explorer. The vulnerability allows the same-origin policy of the browser to be violated. The same-origin policy restricts how a document or script loaded from one origin/website can interact with a resource from another origin. Breaking the same-origin policy could allow an a.. Read more
Exploit Kit Evolution - Neutrino This is a guest diary submitted by Brad Duncan. In September 2014, after the Neutrino exploit kit (EK) had disappeared for 6 months, it reappeared in a different form. It was first identified as Job314 or Alter EK before Kafeine revealed in November 2014 that this traffic was a reboot of Neutrino [1]. This Storm Center diary examines Neutrino EK traffic patterns since it first appeared in the Spring of .. Read more
Exploiting “BadIRET” vulnerability (CVE-2014-9322, Linux kernel privilege escalation) Introduction CVE-2014-9322 is described as follows: arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. It was fixed on 23rd November 2014 with this commit. I.. Read more
Angler Exploit Kit – New Variants On January 27th, Talos researchers began observing a new Angler Exploit Kit (EK) campaign using new variants associated with CVE-2015-0311. Based on our telemetry data the campaign lasted from January 26th until January 30th, with the majority of the events occurring on January 28th & 29th. Researchers detected the new campaign when referencing a known hash that was delivering the recent Flash 0.. Read more
Exploring Control Flow Guard in Windows 10 As operating system developers are always keen on improving exploit mitigation technology, Microsoft has enabled a new mechanism in Windows 10 and in Windows 8.1 Update 3 (released last November) by default. This technology is called Control Flow Guard (CFG). Previous mitigation techniques like address space layout randomization (ASLR) and Data Execution Prevention (DEP) have been successful in mak.. Read more