Posts Tagged ‘script engine’

Symantec Protections for Red October

Jan

2013

An advanced cyber-espionage network targeting high-profile organizations and governments has recently been unveiled. The main attack method being used in this campaign is spear phishing.The spear phishing emails contain Word document or Excel spreadsheet attachments that exploit three known vulnerabilities in order to compromise computers. The vulnerabilities used are: Microsoft Excel ‘FEATHEADER’ Record Remote Code […]

Category General Written by Symantec Security Response Blog 0 Comments

The Shylock “LNK” Awakening

Aug

2012

A new development observed in the sophisticated financial banking Trojan.Shylock highlights the ongoing evolution of this threat. Shylock, a threat first observed by Trusteer in September 2011, was named after a character in the Shakespeare play the ‘Merchant of Venice’ due to quotes from the play being found in the original binary code. Symantec has […]

Category General Written by Symantec Security Response Blog 0 Comments

3-2-1 WordPress vulnerability leads to possible new exploit kit

Jan

2012

This past weekend one compromised Web site in particular caught my attention. Based on my analysis, the site was compromised because it was running an old version of WordPress (3.2.1) that is vulnerable to publicly available exploits [1] [2]. The Web site injection is only somewhat interesting. What is more interesting is the redirection chain and resulting […]

Category Security Written by Websense 1 Comment

The Latest in IT Security

Posts Tagged ‘script engine’

Symantec Protections for Red October

3-2-1 WordPress vulnerability leads to possible new exploit kit

Categories

Featured

Archives

Latest Comments

About Us

Contact Us