Researchers: Oracle’s Java Security Fails – Krebs on Security
Faced with an onslaught of malware attacks that leverage vulnerabilities and design weaknesses in Java, Oracle Corp. recently tweaked things so that Java now warns users about the security risks of running Java content. But new research suggests that the integrity and accuracy of these warning messages can be subverted easily in any number of ways, and that Oracle’s new security scheme actually pu
Anti-decompiling techniques in malicious Java Applets
Step 1: How this started While I was investigating the Trojan.JS.Iframe.aeq case (see blogpost) one of the files dropped by the Exploit Kit was an Applet exploiting a vulnerability: <script> document.write(‘<applet archive=“dyJhixy.jar” code=“QPAfQoaG.ZqnpOsRRk”><param value=“http://fast_DELETED_er14.biz/zHvFxj0QRZA/04az-G112lI05m_AF0Y_C5s0Ip-Vk05REX_0AOq_e0skJ/A0tqO-Z0hT_el0iDbi0-4pxr17_11r_09ERI
Endpoint Protection - Symantec Enterprise
Java.Cogyeka Recently there has been a lot of attention drawn to the vulnerabilities in Java and how they can lead to malware being created. However, it is worth noting that a vulnerability is not always required for malware to exist, as is the case with Java.Cogyeka. While this threat does not exploit any vulnerability in Java itself, it is written in the Java language and performs numerous malic
News from the Lab Archive : January 2004 to September 2015
A few days after Oracle released its critical patch for Java, and CVE-2013-2423 is already being exploited. Upon checking the history, the exploitation seems to have begun on April 21st and is still actively happening (as of this post): For a closer look, the image below contains a comparison of the classes found in the Metasploit module and that of the ITW sample: Interestingly, the Metasploit mo
CVE-2013-2423 integrating Exploit Kits
One week after Patch Java7u21 the vulnerability is being exploited in mass blind attack. ( First alert come from Timo Hirvonen with CrimeBoss and later CritXPack/SafePack. Will update for these EK as soon as i land on it) Cool EK: GET http://lekarskiejowlslight.ahmedpekin .net/works-softly.htm 200 OK (text/html) GET http://lekarskiejowlslight.ahmedpekin .net/hopeful_orchestra-surveyor_remove.jar 2
Quick Java Applet Analysis | Kahu Security
I saw a tweet from MalwareCrusaders earlier today about another obfuscated Java applet so I thought I would have a look. Details about where the applet came from is rather slim. Something important may be needed along the way (e.g. applet parameters) so I prefer getting PCAPs but I’ll give it a try nonetheless. MalwareCrusaders will be posting more details on this soon so I won’t go too deep here.
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Java based Cross platform malware targeting Apache Tomcat servers in the wild
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
jre7u21 and earlier Click-2-Play Warning Bypass integrating Exploit Kits
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit
Blogs
Blogs
CVE-2013-2465/CVE-2013-2471/CVE-2013-2463 integrating Exploit Kits -- jre7u21 CVE- jre6u45 and earlier
Naked Security – Sophos News
Popads loading up java exploits with “.jnlp” file | MalwareSigs
Naked Security – Sophos News
Unfixed Reflection API vulnerability reported in Java
Java enabled browsers are highly vulnerable