The Latest in IT Security

Posts Tagged ‘zero days’

In the first quarter of 2013, we spotted quite a few zero-day vulnerabilities affecting Oracle Java, Adobe Flash, Adobe Reader, and Microsoft Internet Explorer being exploited in the wild. This blog discusses the details of these zero-days exploited to spread malware in the first quarter of 2013. Java zero-day vulnerabilitiesDuring the month of January 2013, we […]

Read more ...

Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493).  The final payload in the attack consisted of a DLL file, detected by Symantec as Trojan.Naid, which connects to a command-and-control (C&C) server at 110.173.55.187. Interestingly, a Trojan.Naid sample was also signed by the compromised Bit9 certificate […]

Read more ...

Yesterday, Adobe released an out of cycle patch that fixed two zero-day vulnerabilities (CVE-2013-0633, CVE-2013-0634) for Adobe Flash Player 11.5.502.146 and earlier versions for both Windows and Macintosh. The patch was released because the zero-days were being actively exploited for attacks in the wild. Symantec recommends applying the patch immediately. Reports of the attack seen in […]

Read more ...


Categories

MONDAY, DECEMBER 09, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments