Featured Blogs
Product Coverage and Mitigation for CVE-2014-1761 (Microsoft Word)
On March 24, Microsoft released Security Advisory 2953095 for Microsoft Word. In-the-wild exploitation of this vulnerability has been observed across...
Analyzing the Uroburos PatchGuard Bypass
A few weeks ago G Data Software released a report detailing alleged intelligence agency software. Following the release of that report,...
Timeline of Bitcoin Events Demonstrates Online Currency’s Volatility
The buzz about Bitcoin has moved from online circles to mainstream media sources. Last week’s news of the collapse of...
Automatic App Installation from Google Play Poses Big Risk
Android users usually download and install applications from the Google Play store through several interactions with the service–including viewing the...
Internet Explorer Zero Day Offers Unusual Case Study
While analyzing a recent Internet Explorer zero-day vulnerability, CVE-2014-0322 (containing the Flash sample hash b9c9dab0fd30418884800afebbaba4d99f4526ef0c9a47972a20ab20fed0a06d), we noticed the exploit makes...
Examining Your Very Own Sefnit Trojan
Most malware is created for economic purposes. To name just a few of our reports and blogs on this topic,...
Careto Worldwide Malware Attack Unmasked
On Monday Kaspersky Labs announced the discovery of a large number of malware infections across large parts of the globe. Kaspersky...
January 2014 #SecChat Wrap-up — Threat Predictions
Threats seem to be top of mind for the masses of late—with three large-scale attacks on major brands already this...
Plasma HTTP Botnet Steals Passwords From Chrome, FileZilla
Last year we reported on the Athena HTTP botnet, which targets Windows XP systems, mostly for distributed denial-of-service attacks. Now...
HTML 5 Security Issues and Implications
Last week, I discussed security-aware attacks that are capable of identifying and evading security solutions deployed on a system. One...
