Since the publication of our report, our colleagues from Seculert have discovered and posted a blog about the usage of another delivery vector in the Red October attacks. In addition to Office documents (CVE-2009-3129, CVE-2010-3333, CVE-2012-0158), it appears that the attackers also infiltrated victim network(s) via Java exploitation (MD5: 35f1572eb7759cb7a66ca459c093e8a1 – ‘NewsFinder.jar’), known as the […]
News of the ‘unknown’ and underground zero-day in Adobe Reader is all over the place. Because of its supposed noteworthy features, including the capability to defeat Adobe’s sandbox feature, users are alarmed – and rightfully so. But the situation is not without hope.With this entry, my aim is to explain to our customers what this […]
A day or two ago, our friends at Symantec released a blog post about the growing success of "ransomware". (They also have a whitepaper here, and a nice gallery of screenshots of several variations here.) Briefly, ransomware is malware that either locks up a computer, or encrypts data files, and then offers to restore access […]
Latest Comments