Posts Tagged ‘address space’

Hesperbot – Technical analysis part 1/2

Sep

2013

Win32/Spy.Hesperbot is a new banking trojan that has been targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. For more information about its malware spreading campaigns and victims, refer to our first blog post. In this post we’ll cover the technical details of the malware, including the overall architecture, as […]

Category General Written by We Live Security 0 Comments

The Powerloader 64-bit update based on leaked exploits

Aug

2013

A few months ago on this blog I described PowerLoader functionality including an interesting way for privilege escalation into the explorer.exe system process. The leaked PowerLoader code is also used in other malware families. For example the Win32/Gapz dropper is based on leaked PowerLoader code. In August 2013 we have tracked a new modification of […]

Category General Written by We Live Security 0 Comments

Emerging ‘Stack Pivoting’ Exploits Bypass Common Security

May

2013

[This blog was primarily written by Xiaoning Li of Intel Labs, with assistance from Peter Szor of McAfee Labs.]In February 2013, the Adobe Product Security Incident Response Team (PSIRT) released security advisory APSA13-02. In that report they listed two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that were widely exploited. At Intel Labs and McAfee Labs we ran […]

Category General Written by Blog Central > McAfee Labs 0 Comments

The Latest in IT Security

Posts Tagged ‘address space’

Hesperbot – Technical analysis part 1/2

The Powerloader 64-bit update based on leaked exploits

Emerging ‘Stack Pivoting’ Exploits Bypass Common Security

Categories

Featured

Archives

Latest Comments

About Us

Contact Us