tag
Vulnerability

Your Fantasy, A Criminal’s Dream

Fantasy sporting leagues have become very popular. A good friend of mine is into fantasy car racing teams. Other friends are into fantasy soccer (football elsewhere in the world). In the US a lot of people are into the fantasy NFL (National Football League –not soccer). Recently a researcher, Gary Rios, joined an ESPN sponsored

MouseOver, Game Over

In some computer programming languages there is an event called “mouseover”. This command is used to determine what happens when a user put the mouse over a specific object. When you put the mouse over a hyperlink and see where that link will take you, that is a “mouseover” command at work. When you place

Run! It’s the Fuzz!

Unfortunately, I'm not able to attend the CanSecWest 2010 conference in Vancouver this week, though I think Pierre-Marc will be there. I would have been more than a little interested in Charlie Miller's presentation on fuzzing Mac applications: that is, “…a method for discovering faults in software by providing unexpected input and monitoring for exceptions.” 

Operation Cyber ShockWave

While serving in the Marine Corps, one activity that I felt was effective in preparing both myself and my unit to be able to handle real-world scenarios, was getting as much experience as possible from military training exercises. In most cases multiple branches worked together or, as in the case with NATO exercises, multiple countries

Old MacDonald Bought the Farm IE IE 0-day

There is a vulnerability in Internet Explorer that Microsoft will patch tomorrow. Normally Microsoft releases patches on the second Tuesday of each month, but in the case Microsoft is making the patch available much sooner. The most probable reason for the “out of band” patch is that this vulnerability received a ton of attention as

Adobe, Javascript, and the CVE-2009-4324 Exploit

There has been quite a lot of traffic in the last few weeks about the doc.media.newPlayer vulnerability referenced in the CVE database as CVE-2009-4324. The following Adobe articles refer: http://www.adobe.com/support/security/advisories/apsa09-07.html http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://blogs.adobe.com/psirt/2009/12/security_advisory_apsa09-07_up.html Today's article at the Internet Storm Center by Bojan Zdrnja (http://isc.sans.org/diary.html?storyid=7867) gives a lot of detail on a particularly inventive exploit of the

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

Do Security Like a Pro (or not)

A report from SANS concludes that security professionals may not be paying attention to some of the biggest threats out there today. Not terribly long ago the Windows operating system was the attack target of the bad guys. There were tons of exploitable vulnerabilities and they were heavily exploited. Since that time Microsoft has put

M(b)ac(k) to the future

Mac security firm Intego blogged about Apple’s decision to include an antimalware component in Mac OS X 10.6 "Snow Leopard" and we agree that it is a good step, security-wise, to provide some basic protection against malware.  Apple has long mocked Microsoft, up to and including this 2006 advertisement which implied there were no viruses

CARO and AMTSO

In previous blogs, I mentioned that some of the presentations from the CARO workshop a couple of weeks ago were likely to be made available publicly. Unfortunately for non-attendees, most of the presentations are only available to people who were there: however, some can be downloaded by the public from here. In case I didn’t

Vulnerability Musings and Reflexive Thinking

Some of us are currently enjoying some excellent presentations at a CARO workshop in Budapest on exploits and vulnerabilities. Hopefully, some of them will eventually be made public, so that we’ll be able to include pointers to specific resources. While there’s been a great deal of technical detail made available that has passed me by

Targeted Malware and Microsoft

Microsoft issued an advisory last week – Microsoft Security Advisory (969136) "Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution" – that "could allow remote code execution if a user opens a specially crafted PowerPoint file." The advisory uses very similar language to Microsoft’s recent advisory on an Excel vulnerability, referring to "only…limited and

Patches Despatches

In a previous blog relating to Acrobat vulnerabilities, I suggested that you might want to sign up for Adobe’s alerts service. I did, but still haven’t received any news from it. However, it appears that The Register (or one of its sources) did, so I’m nevertheless aware that Adobe has released updates to address the

Excel Exasperation, Acrobat Aggro

As The Register has pointed out, the Microsoft Security Bulletin Advance Notification for March 2009 doesn’t mention a forthcoming patch for the Excel vulnerability we’ve already flagged in this blog here and here and here. Since, as John Leyden remarks, the exploit is being actively exploited, it may seem that Microsoft are not taking the issue seriously

Acrobat Amendment

A reminder about about the Acrobat reader vulnerability we blogged about several times recently (http://www.eset.com/threat-center/blog/?p=593, http://www.eset.com/threat-center/blog/?p=579, http://www.eset.com/threat-center/blog/?p=572). Remember I said "As we’ve said previously, disabling JavaScript, while it doesn’t address the underlying vulnerability, stops known exploits from working properly"? Predictably, there are now known exploits that don’t use the JavaScript heap spray trick. While I’m

Targeted Excel Malware Revisited.

Further to our blog last week on targeted attacks exploiting a vulnerability found in a number of Excel versions including  Mac versions, viewers, and the Open XML File Format Converter for Mac. While we already have a specific detection for the threat we call X97M/TrojanDropper.Agent.NAI, we also have generic detection for the exploit, flagged as X97M/Exploit.CVE-2009-0238.Gen. This detection

More Acrobatics

For the geekier among us wanting or needing to know more about the Adobe vulnerability that Randy and I both blogged on yesterday, here are a few resources: More from Shadowserver at http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090221 As we’ve said previously, disabling JavaScript, while it doesn’t address the underlying vulnerability, stops known exploits from working properly. There are rules

MS09-002 Exploits: Old Dogs, New Tricks?

A few days ago, I promised (threatened) to make some general points about biasing test results, but travel and other obligations have been getting in the way. I’ll get back to that very shortly, but in the meantime, I want to look at an issue with the latest round of Microsoft patches that I was

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
22 Sep 2010
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.