January 2013 -

Archives - January 2013

Walking through Win32/Jabberbot.A

Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto)and IRC (Win32/AutoRun.IRCBot.AK),

More on that Java vulnerability

  [Update 2: a note for Mac users in Turn off that Java Lamp. And Brian Krebs notes that Oracle Ships Critical Security Update for Java] [Update to a link at java.com offering more information on disabling Java in web browsers.] This is a quick pointer to blogs posted by our colleagues in Spain and in

Java 0-Day Exploit CVE-2013-0422

The infamous exploit packs Blackhole and Nuclear Pack now feature a new zero-day Java exploit that exploits the Java vulnerability CVE-2013-0422. The latest version of Java 7 Update 10 is affected. Malware spreading through drive-by-downloads often utilizes exploit packs, which are able to serve malware variants without any user interaction, as opposed to other techniques