decrypted | DataProtectionCenter.com

The Mystery of Duqu: Part Five

15

Nov

2011

Driver The driver is the first component of Duqu to be loaded in the system. As we discovered, the driver and other components of malware are installed with a dropper exploiting a 0-day vulnerability (CVE-2011-3402). The driver is registered in the HKLM\System\CurrentControlSet\Services\ registry path. The exact name of the registry key varies in different versions […]

Category General Written by Securelist / Blog 0 Comments

CVE-2011-2110 for Adobe Flash Player being exploited in the wild

18

Jun

2011

Earlier this week Adobe released security updates for several of their products and now the CVE-2010-2110 vulnerability in Flash Player is actively being used in drive-by and spear-phishing attacks. Websense customers are protected from this scam by ACE, our Advanced Classification Engine. The vulnerability is triggered when a website is viewed in a browser that has […]

Category Security Written by Websense 0 Comments

Win32/Alureon brings back old school virus techniques, enhanced

16

May

2011

In 1999, a new virus, Win32/Crypto, was discovered. It was using brute-force attacks against its encryption key to decrypt its body. Today, in 2011, variants of Win32/Alureon are bringing this old-school technique back to life, with some extra naughtiness, as you will see below. While working recently on different Win32/Alureon samples, we noticed some behaviour […]

Category General Written by Microsoft Malware Protection Center 0 Comments

The Latest in IT Security

Posts Tagged ‘decrypted’

The Mystery of Duqu: Part Five

CVE-2011-2110 for Adobe Flash Player being exploited in the wild

Win32/Alureon brings back old school virus techniques, enhanced

Categories

Featured

Archives

Latest Comments

About Us

Contact Us