Contrary to initial reports, JACKSBOT may not be as low risk as initially thought. We noted some JACKSBOT infection in the wild, indicating that the people behind this multiplatform malware are saving their best tricks for last.We analyzed the JACKSBOT backdoor family (specific detection name JAVA_JACKSBOT.A) that arrives as a Java application. Because it is […]
A few weeks ago, we wrote about the Oracle Java Runtime Environment Remote Code Execution Vulnerability (CVE-2012-4681) being used in a targeted attack campaign by the Nitro attackers. Recently, we have discovered another group exploiting this vulnerability in the wild: the Taidoor attackers.The Taidoor attackers began utilizing the vulnerability when the proof of concept (POC) […]
On August 26, FireEye reported the discovery of a critical vulnerability in Java Runtime Environment versions 1.7x, which was designated as CVE-2012-4681. Oracle released a security patch only on August 30, and, therefore, the vulnerability remained unclosed for at least four days-an opportunity criminals were quick to take advantage of. Doctor Web determined that a […]
Latest Comments