shellcode | DataProtectionCenter.com

ZeroAccess: code injection chronicles

26

Jun

2012

At the end of spring 2012, the rootkit family Win32/Sirefef and Win64/Sirefef (also known as ZeroAccess) was updated. We start tracking the first updated samples at the beginning of May when a new affiliation program started for the distribution of a new ZeroAccess version. The updated version of Sirefef doesn’t use kernel-mode drivers, as was […]

Category General Written by ESET ThreatBlog 0 Comments

Some shellcode de-mystified

22

Jun

2012

The shellcode described in this post was obtained from the Eleonore v1.2 exploit kit. High-level details about that kit are mentioned in my April 2012 blog post. This post is a technical view of the actual shellcode and is intended to be instructive to the inquisitive reader. Since this code is relatively old, the main […]

Category General Written by Microsoft Malware Protection Center 0 Comments

IE remote code execution vulnerability being actively exploited in the wild

19

Jun

2012

A critical Internet Explorer vulnerability, announced and patched by Microsoft in June’s Patch Tuesday, is being exploited in the wild.The vulnerability is CVE-2012-1875 (don’t expect any detail – this link is just boilerplate stuff), patched in MS12-037.SophosLabs has seen numerous attempts to exploit this vulnerability (Sophos products detect it as Exp/20121875-A). Cunningly-crafted JavaScript code – […]

Category General Written by Naked Security - Sophos 0 Comments

The Latest in IT Security

Posts Tagged ‘shellcode’

ZeroAccess: code injection chronicles

Some shellcode de-mystified

IE remote code execution vulnerability being actively exploited in the wild

Categories

Featured

Archives

Latest Comments

About Us

Contact Us