The Latest in IT Security

Posts Tagged ‘malicious java’

While researching PlugX propagation with the use of Java exploits we stumbled upon one compromised site that hosted and pushed a malicious Java applet exploiting the CVE 2013-0422 vulnerability. The very malicious Java application was detected heuristically with generic verdict for that vulnerability and it would have been hardly possible to spot that particular site […]

Read more ...

Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493).  The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Interestingly, a Trojan.Naid sample was also signed by the compromised Bit9 certificate […]

Read more ...

If you receive such a message containing an HTML page attached, don’t open it. The email pretends to come from “craigslist – automated message, do not reply <[email protected]>” and has the subject ”Efax Corporate”. What I find interesting is that the fraudsters didn’t even bother to write JS code to detect if the script runs […]

Read more ...


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments