Posts Tagged ‘local settings’

ZeroAccess: code injection chronicles

Jun

2012

At the end of spring 2012, the rootkit family Win32/Sirefef and Win64/Sirefef (also known as ZeroAccess) was updated. We start tracking the first updated samples at the beginning of May when a new affiliation program started for the distribution of a new ZeroAccess version. The updated version of Sirefef doesn’t use kernel-mode drivers, as was […]

Category General Written by ESET ThreatBlog 0 Comments

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

Jun

2012

SophosLabs has been monitoring a new strain of the infamous ZeroAccess rootkit that has been hitting the internet over the last few weeks.ZeroAccess is a sophisticated kernel-mode rootkit that enslaves victim PCs, adding them to a peer-to-peer botnet from which they receive commands to download other malware. The rootkit has undergone several revisions since its […]

Category General Written by Naked Security - Sophos 0 Comments

CVE-2012-0158 Exploit in the Wild

Apr

2012

Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and some other Microsoft products. This exploit can be implemented in a variety of file formats, including RTF, Word, and Excel files. We have already found crafted RTF and Word files in the wild. In the […]

Category General Written by Blog Central > McAfee Labs 0 Comments

The Latest in IT Security

Posts Tagged ‘local settings’

ZeroAccess: code injection chronicles

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

CVE-2012-0158 Exploit in the Wild

Categories

Featured

Archives

Latest Comments

About Us

Contact Us