vulnerability | Page 7

Hong Kei Chan, Junior AntiVirus Analyst

On April 26, 2014, Microsoft published an advisory for a critical vulnerability in Internet Explorer (CVE-2014-1776) that would allow attackers to perform remote code execution. This zero-day vulnerability affects Internet Explorer 6 through 11, but is targeted mostly toward IE 9 through 11. The attack exploits the use-after-free vulnerability in IE by utilizing Adobe Flash Player to bypass the Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). This blog post will step through...
by Hong Kei Chan  |  May 27, 2014  |  Filed in: Security Research
Today Adobe announced an out-of-cycle emergency patch for their ubiquitous Flash Player software. The patch impacts Windows, Mac OS X and Linux users of Flash Player. Normally when a patch like this is released, it is due to an unpatched vulnerability being actively exploited in the wild and impacting users. Adobe's full bulletin can be read here; it appears that this is a remote code execution vulnerability that would allow an attacker to deliver malware to their target computer. I would encourage all users to update their computers right away,...
by Richard Henderson  |  Feb 04, 2014  |  Filed in: Industry Trends
As you probably do not know, I am a StarCraft II player. I really hadn't expected it to be of any use to my job as an analyst, until yesterday, when I read this tweet: "I don't even know what 'zerg rush' means and now I can't google for answer either" This is about the first time I am going to be able to boast for some StarCraft culture! Yeah! :)) StarCraft is a real-time strategy game developed by Blizzard. It features three different races: Zerg, Terran, Protoss. Each race...
by Axelle Apvrille  |  Jun 19, 2012  |  Filed in: Security Research
A few days ago, Jon Larimer and Jon Oberheide published a vulnerability for Android platforms < 2.3.6. David Maciejak and I were curious to run it on an Android phone. Result: it runs perfectly :( So, what is this to us? Well, it's a new way to root Android phones running 2.3.4. We already had exploits for that on versions prior to 2.1 or 2.2 (uDev and rageinthecage exploits), or prior to 2.3.4, or 3.0 (gingerbreak/honeybomb), but nothing in between for 2.3.4/2.3.5. And because rooting a phone is particularly valued by malware...
by Axelle Apvrille  |  Nov 25, 2011  |  Filed in: Security Research
We are pretty busy these days with malicious samples on Android. You probably haven't missed DroidDream (Android/DrdDream.A!tr) which trojaned several applications on the Android Market and several blog posts on the matter: Lookout explains how the malware was discovered, which applications it targets and whether you should be concerned or not. By the way, we thank them for sharing samples with us. AndroidPolice explains the malware uses the rageagainstthecage root exploit, and that malicious applications have been pulled out of the market. Kaspersky...
by Axelle Apvrille  |  Mar 03, 2011  |  Filed in: Security Research