Once again, attackers are leveraging a previously unknown critical security hole in Java to break into targeted computers. Interestingly, the malware and networks used in this latest attack match those found in the recently disclosed breach at security firm Bit9. The discovery of the Java zero-day is being co-credited to FireEye and CyberESI, two companies that specialize in tracking cyber espiona
Latest Java Zero-Day Shares Connections with Bit9 Security Incident. Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493). The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Int
The hackers who maintain Blackhole and Nuclear Pack — competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they’ve added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java. The curator of Blackhole, a miscreant who uses the nickname “Paunch,” announced yesterday on several Underweb
A new Java 0-day vulnerability has been discovered, already in wild use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting hackers take over users' machines. Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The flaw was first spott
The use of zero-day exploits in attacks has not been too far from the headlines of late. Today, Kafeine from Malware don't need Coffee has released a blog detailing yet another Java zero-day—Oracle Java Runtime Environment Unspecified Remote Code Execution Vulnerability (CVE-2013-0422)—active in the wild and distributed through the Cool Exploit pack. The good news, however, for Symantec customers
Since everyone knows about this, I can finally share my piece. Here’s the landing page which is all Javascript. The script is using “Dadong’s JSXX 0.44 VIP” Javascript obfuscator. This isn’t the first time Dadong’s obfuscator has been used with Chinese packs that carry the latest exploits. This apparently is the latest version. The tamper-proof script uses a technique that acts like callee on ster
Alienvault R&D Labs Portal. Get the latest news from our research. A few hours ago, FireEye published some information related to a new Java 0day exploited in the wild. The malicious JAR file was served from ok.aa24.net / meeting / index.html. The HTML loads the Java applet, passing some parameters that are used later to build the URL to download the payload. The HTML is encrypted using “Dadong’s JS