0 day


Introduction Last month, iSight Partners revealed a Microsoft Office zero-day leveraged in a targeted attack by a Russian cyber espionage team. This vulnerability has been patched in Microsoft bulletin MS15-070. CVE-2015-2424 was assigned to this vulnerability. In this blog post, we will discuss the nature of the vulnerability to give some insights to other researchers for understanding and detecting this specific Word vulnerability. Multi-directory entries chaining We first extracted the embedded objects inside the exploit document...
by Wayne Chin Yick Low | Sep 01, 2015 | Filed in: Security Research
Today, Adobe has released a new announcement of vulnerabilities, 3 of which were discovered by researchers at FortiGuard Labs. Adobe Flash and Shockwave continue to be a challenge for organizations and vendors to keep secure. Memory corruptions can lead to the development of zero-day exploits against systems and there are overlaps in feature sets between versions of Shockwave and Flash. FortiGuard Lab researchers are finding chatter among hacker groups that leads us to believe attackers are still finding Flash and Shockwave as a viable and...
by Aamir Lakhani | Jul 14, 2015 | Filed in: Industry Trends & News
Are we losing the fight against malware and the hackers who are making every day a zero day? ***** MAY CONTAIN SPOILERS ***** Few authors are as skilled as GRRM when it comes to killing off important characters. Clearly, that oft-uttered phrase from the eastern continent, “valar morghulis”, is not just an empty bit of High Valyrian for the Game of Thrones author. For the two or three of you out there who haven’t heard of fierce tween, Arya Stark, utter the phrase valar morghulis, it literally translates to “All...
by Chris Dawson | Apr 10, 2015 | Filed in: Industry Trends & News
Angler/Flash 0-day FAQ Version 1.1 - Friday, January 23 15:45PST This document will be updated and maintained as new or updated information becomes available. Continue to check this page for updates. What is Angler? The Angler Exploit Kit (EK) is a toolkit used by malware authors and cybercriminals to deliver other pieces of malware. Typically these exploit kits are used in compromised websites that victims are guided to through links and phishing emails in order to infect victims. What has happened? Noted malware...
by Richard Henderson | Jan 22, 2015 | Filed in: Industry Trends & News
Let's face it, Advanced Persistent Threats are becoming smarter, and well, more advanced. It's no secret that cybercriminals are developing more sophisticated and subtle attacks equipped with a slew of highbrow features such as self-awareness and the ability to stealthily dodge countless security systems. With intelligence as the weapon of choice, attacks are more dangerous than they ever have been. As such, advanced threats require an equally robust security system to effectively stop them in their tracks. Signature-based solutions often won't...
by Stefanie Hoffman | Dec 05, 2013 | Filed in: Industry Trends & News
Unless you're on a trek in the Himalayas, by now you've probably heard one way or another that the infamous "Jailbreakme" website is back to free iPhones (including iPhones 4 running iOS 4.0.1) and iPads: it's just everywhere on the web, even with videos and tutorials. However, fewer resources address the technical aspect of jailbreaking. You might have found out that the online jailbreaking tool is resorting to a drive-by-script exploiting a 0-day vulnerability. We'll try and provide a few other technical findings below. First, let's connect...
by Axelle Apvrille | Aug 05, 2010 | Filed in: Security Research