シマンテックセキュリティレスポンスは先日のブログで、Java のゼロデイ脆弱性を狙った攻撃が Cool 悪用ツールキットによって拡散され、活動中であることをご報告しました。Cool 悪用ツールキットのほかに、Blackhole、Redkit、Impact といったメジャーな悪用ツールキットも、パッチ公開前の今回の脆弱性を悪用していることが確認されています。 シマンテックは現在、各種の悪用ツールキットで拡散されている JAR ファイルを Trojan.Maljava として検出しますが、さらに Trojan.Maljava!gen26 の検出定義も追加したところです。 また、悪質な JAR ファイルや関連する悪用の試みを未然に遮断するために、シマンテックは以下の IPS シグネチャをリリースしました。 Web Attack: Malicious Java Download CVE-2013-
Fellow researcher Denis Laskov shared the infection chain of a new exploit pack with an impressive bunch of security researchers. For some reason, I got called to help and was more than willing to contribute by analyzing the Java applet delivered by this pack. Before I jump in, be sure you check out Denis’ blog post on this exploit pack. Here is the applet we will be looking at. As Denis mentioned
If you were looking for MSDN or TechNet blogs, please know that MSDN and TechNet blog sites have been retired, and blog content has been migrated and archived here. How to use this site Archived blogs are grouped alphabetically by the initial letter of the blog name. Select the initial letter from the TOC to see the full list of the blogs. You can also type the name of the blog or the title of the
The hackers who maintain Blackhole and Nuclear Pack — competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they’ve added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java. The curator of Blackhole, a miscreant who uses the nickname “Paunch,” announced yesterday on several Underweb
A new Java 0-day vulnerability has been discovered, already wind in use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting hackers take over users' machines. Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The flaw was first spott
Just a quick note, it’s only the second week of January, but early 2013 brings with it the first Java 0day mass exploit distribution of the year. There appears to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem. We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole impl
The use of zero-day exploits in attacks has not been too far from the headlines of late. Today, Kafeine from Malware don't need Coffee has released a blog detailing yet another Java zero-day—Oracle Java Runtime Environment Unspecified Remote Code Execution Vulnerability (CVE-2013-0422)—active in the wild and distributed through the Cool Exploit pack. The good news, however, for Symantec customers
AlienVault R&D Labs Portal. Get the latest news from our research. Earlier this morning @Kafeine alerted us about a new Java zeroday being exploited in the wild. With the files we were able to obtain we reproduced the exploit in a fully patched new installation of Java. As you can see below we tricked the malicious Java applet to execute the calc.exe in our lab. The Java file is highly obfuscated
Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible for a spate of recent espionage attacks Dubbed the "Elderwood Project". In May 2012, Amnesty Internation
Forgot your password? Customers - Reset your password here. Partners - Reset your password using the Partner Portal. Are you a current Forcepoint partner or customer? Create Partner Account | Create Customer Account Get these benefits when you log into Forcepoint support: A personalized support experience for the products and versions you own. Access to thousands of Knowledge Base articles which a
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く