malware

Bypassing Microsoft’s Patch for the Sandworm Zero Day: Even ‘Editing’ Can Cause Harm
This is the second part of our analysis of the Sandworm OLE zero-day vulnerability and the MS14-060 patch bypass. Check out the first part here. Microsoft’s Patch From our previous analysis we’ve learned that the core of this threat is its ability to effectively right-click a file. Now, let’s see what Microsoft did in its patch MS14-060. With a little bit of help from patch diffing, we can easily sp..

Using SystemTap to determine the exploitability of unbound memory overflows
Hello, my name is Nikos Naziridis and I am a security researcher at CENSUS. In this post, I will present how SystemTap and kernel instrumentation in general, could be used to aid the process of determining the exploitability of unbound memory overflows and the detection of thread race condition bugs. Introduction For the reader who is not familiar with SystemTap and the concepts of kernel instrume..

ELF Parsing Bugs by Example with Melkor Fuzzer
Too often the development community continues to blindly trust the metadata in Executable and Linking Format (ELF) files. In this paper, Alejandro Hernández walks you through the testing process for seven applications and reveals the bugs that he found. He performed the tests using Melkor, a file format fuzzer he wrote specifically for ELF files. Introduction The ELF file format, like any other ..

Root Cause Analysis of CVE-2014-1772 – An Internet Explorer Use After Free Vulnerability
We see many kinds of vulnerabilities on a regular basis. These range from use-after-free (UAF) vulnerabilities, to type confusion, to buffer overflows, to cross-site scripting (XSS) attacks. It’s rather interesting to understand the root cause of each of these vulnerability types, so we looked at the root cause of an Internet Explorer vulnerability - CVE-2014-1772. We’d privately disclosed this ..

FROM 0-DAY TO EXPLOIT – BUFFER OVERFLOW IN BELKIN N750 (CVE-2014-1635)
A vulnerability in the guest network web interface of the Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit Router with firmware F9K1103_WW_1.10.16m, allows an unauthenticated remote attacker to gain root access to the operating system of the affected device. The guest network functionality is default functionality and is delivered over an unprotected wifi network. Successful exploitation of the vulnerab..

CVE-2014-4115 Analysis: Malicious USB Disks Allow For Possible Whole System Control
One of the bulletins that was part of the October 2014 Patch Tuesday cycle was MS14-063 which fixed a vulnerability in the FAT32 disk partition driver that could allow for an attacker to gain administrator rights on affected systems, with only a USB disk with a specially modified file system. This vulnerability is also designated as CVE-2014-4115. Why is this vulnerability unusual? We pay close at..

An Analysis of A Windows Kernel-Mode Vulnerability (CVE-2014-4113)
Three zero-day vulnerabilities - CVE-2014-4114, CVE-2014-4148, and CVE-2014-4113 - were reported last week and patched by Microsoft in their October 2014 Patch Tuesday. CVE-2014-4114, also known as the Sandworm vulnerability, can enable attackers to easily craft malware payloads when exploited. This particular vulnerability has been linked to targeted attacks against European sectors and industri..

Tearing down CryptoWall
There are not many things that can ruin a day as much as an attacker holding your files for ransom. There are feelings of violation, as they have clearly tampered with your private data, a pit in your stomach when you see how much it will cost to get your files back, and overwhelming guilt as you weigh the pros and cons of actually paying these low life criminals. Many have been feeling these em..

ROM – A New Version of the Backoff PoS Malware
A few months have passed since the release of the “Backoff” point-of-sale (PoS) malware advisory, but Backoff and other PoS malware continue to be an active threat as businesses keep reporting data breaches and the compromise of their customers’ financial information. We have recently encountered a new version of the Backoff malware family, which we are detecting as W32/Backoff.B!tr.spy. Unlike pr..