Posts Tagged ‘web attack’

Java Exploit CVE-2013-2432 Coverage

Apr

2013

Java vulnerabilities have always been popular among cybercriminals (exploit kits authors) since they can work across multiple browsers and even multiple operating systems, the potential for infecting large numbers of users is very high.On April 16, Oracle released its Java Critical Patch Update (CPU) for April 2013 that addressed vulnerabilities found in numerous supported products. […]

Category General Written by Symantec Security Response Blog 0 Comments

Latest Java Zero-Day Shares Connections with Bit9 Security Incident

Mar

2013

Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493). The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Interestingly, a Trojan.Naid sample was also signed by the compromised Bit9 certificate […]

Category General Written by Symantec Security Response Blog 0 Comments

New Adobe PDF Zero-day Unleashes Trojan.Swaylib

Feb

2013

In a previous blog, Symantec reported on a new Adobe zero-day vulnerability (CVE-2013-0640, CVE-2013-0641) affecting Adobe Reader and Acrobat XI (11.0.1) and earlier versions, that was being actively exploited in the wild. Adobe has yet to release a patch for this zero-day, but in an advisory they have provided a means of mitigation against the […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘web attack’

Java Exploit CVE-2013-2432 Coverage

Latest Java Zero-Day Shares Connections with Bit9 Security Incident

New Adobe PDF Zero-day Unleashes Trojan.Swaylib

Categories

Featured

Archives

Latest Comments

About Us

Contact Us