Showing 13 results for: June 2012 ×Security Research ×

Analyzing PDF Malware - Part 3B

Part 3B of a demonstration on analyzing malware embedded within a suspicious PDF document. This part specifically deals with static analysis of discovered shellcode.

TrustKeeper Scan Engine Update

Summary Last Saturday, an authentication bypass vulnerability for MySQL and MariaDB (CVE-2012-2122) was released that could allow root access to the data within a given database instance. If you would like to know more about this vulnerability, please see our...

MySQL/MariaDB: Trade You a Banana for Root Access?

Summary Over the weekend, an Authentication Bypass Vulnerability for MySQL and MariaDB (CVE-2012-2122) was released by Sergei Golubchik of Monty Program Ab (link). The vulnerability is trivial to exploit and has the potential to expose root user access to the...

The Return of Zuc.A and and Ancient OSX Viruses?

A few weeks ago I caught a tweet from Chris Wysopal (@WeldPond) noticing how the new version of Microsoft Security Essentials had detected the Zuc.A virus on his machine. You might think that's really cool how Microsoft gives away free...

Discussions on Targeted Attacks

Even though targeted attacks performed by groups such as LulzSec and Anonymous has gotten less headlines recently, in general the number of targeted attacks in the past few months have increased. The motivation behinds such attacks vary; for instance, the...

Rogue Certificates Set on Flame

It was only a matter of time before we felt Flame's aftershock. Yesterday morning it finally happened. Microsoft published an emergency Security Advisory 2718704 and an associated patch that revokes trust from three intermediate CA certificates: Microsoft Enforced Licensing Intermediate...

Defeating Flame String Obfuscation with IDAPython

Like many other security research firms, SpiderLabs Research has been actively investigating the Flame (a.k.a. sKyWIper) malware that was revealed earlier this week. For those unaware of what Flame is, I'll provide a very brief summary. Essentially, Flame is a...