Showing 42 results for: Secure Web Gateway

Deep Analysis of CVE-2014-0502 – A Double Free Story

A lot has already been said about CVE-2014-0502, the Adobe Flash Player zero-day that was part of a targeted attack that infected several nonprofit organizations’ websites. Several interesting aspects of the exploit were covered in various blog posts, including its...

Beware! Bats hide in your jQuery!

Injection of malicious code into JavaScript files is not new; however, we recently observed a steep increase in the use of this method, particularly in jQuery libraries, in order to redirect users to malicious web pages. Why has injecting malicious...

DaumGame ActiveX 0day

One might think that vulnerabilities in ActiveX controls are a thing of the past, but we continue to find evidence that they are not. Just this year, dozens of vulnerabilities have been discovered. In some cases an ActiveX exploit is...

Look What I Found: It's a Pony!

Every once in a while we get to peek into the lion's den. This time we'll be checking out a fairly large instance of the Pony botnet controller, containing a large amount of stolen credentials and other goodies. Pony, for...

Mayday! 0-Day

While many workers around the world were celebrating the May 1st events, the US Department of Labor website got hacked and was used to redirect browsers to a third-party site which served a new IE 8 0day exploit, known...

Java is So Confusing...

It's been a short while, but we find ourselves again with a Java vulnerability in our hands, this time via a PoC provided by IKVM.NET. This particular vulnerability is somewhat different than most Java vulnerabilities we run into, but feels...

Fresh Coffee Served by CoolEK

As you may already know, the past few months have been problematic for Oracle when it comes to security issues discovered in the popular and notorious Java browser plugin. The latest vulnerability that has been spotted to be exploited in...

Microsoft Patch Tuesday, January 2013 - Part II

It's now official: there is another bulletin release (MS13-008) for the month of January, and affected Microsoft Windows users should expect an out-of-band security patch soon. This out-of-band security patch fixes one memory corruption vulnerability discovered in Internet Explorer...

First Java 0day For The Year 2013

Today @Kafeine was the first to announce the new Java 0day. This 0day allows an attacker to execute malicious code on any desktop with Java 1.7 u10 (or prior) installed – which is the latest version from Oracle. After some...

Blackhole Exploit Kit v2

A few days ago a new version of THE most common exploit kit was released. Unlike most exploit kit authors, who try to keep a low profile, the author of Blackhole publishes his work in Russian forums and even writes...

It's a sunny (zero) day for Java

Java exploits have been used for distributing malware for a while. See for example our blog post from last month. Today a new Java 0-day vulnerability has surfaced. It came with a public PoC armed and ready for exploitation,...

Wham Bam, the Cutwail/Blackhole Combo

Over the past few weeks we have seen a resurgence of malicious spam with links leading off to the Blackhole exploit kit. Last week about 2% of spam hitting our traps fell into this category, which is pretty significant given...

Internet Explorer Vulnerabilities Gone Wild

It's a busy time for Internet Explorer: Patch Tuesday addressed quite a few issues in IE, and an additional advisory for a 0-day vulnerability which has been exploited in the wild, also in Internet Explorer, soon followed. Naturally, when IE...

Rogue Certificates Set on Flame

It was only a matter of time before we felt Flame's aftershock. Yesterday morning it finally happened. Microsoft published an emergency Security Advisory 2718704 and an associated patch that revokes trust from three intermediate CA certificates: Microsoft Enforced Licensing Intermediate...