The Latest in IT Security

Posts Tagged ‘java runtime environment’

In the first quarter of 2013, we spotted quite a few zero-day vulnerabilities affecting Oracle Java, Adobe Flash, Adobe Reader, and Microsoft Internet Explorer being exploited in the wild. This blog discusses the details of these zero-days exploited to spread malware in the first quarter of 2013. Java zero-day vulnerabilitiesDuring the month of January 2013, we […]

Read more ...

Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493).  The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Interestingly, a Trojan.Naid sample was also signed by the compromised Bit9 certificate […]

Read more ...

In part 1 of this series, we talked about Dorkbot and its spreading mechanisms that required user interaction. In this post, we’ll talk about how Dorkbot spreads automatically, via drive-by downloads and Autorun files. Spreading vectors not requiring user interaction: Drive-by downloads and Autorun files Dorkbot can also spread automatically, without user interaction. We recently […]

Read more ...

Categories

SUNDAY, SEPTEMBER 23, 2018

Featured

Archives

Latest Comments

Social Networks