Bypassing Microsoft’s Patch for the Sandworm Zero Day, the Root Cause
On October 21, we warned the public that a new exploitation method could bypass Microsoft’s official patch (MS14-060, KB3000869) for...
Chinese Trojan Hooks Macs, iPhones
“Distrust and caution are the parents of security”–Benjamin Franklin A recent threat targeting Chinese users of Mac OS X and...
Malicious Utility Can Defeat Windows PatchGuard
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at...
Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities
Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often...
Dofoil Downloader Update Adds XOR-, RC4-Based Encryption
This blog was written by Sanchit Karve. The Dofoil downloader (found in the wild since 2011) occasionally updates itself with...
Product Coverage and Mitigation for CVE-2014-1761 (Microsoft Word)
On March 24, Microsoft released Security Advisory 2953095 for Microsoft Word. In-the-wild exploitation of this vulnerability has been observed across...
Examining Your Very Own Sefnit Trojan
Most malware is created for economic purposes. To name just a few of our reports and blogs on this topic,...
Analyzing the Recent Windows Zero-Day Escalation of Privilege Exploit
Recently we caught a malicious sample that exploits a PDF vulnerability–CVE-2013-3346, we believe–and executes after a use-after-free condition occurs. During...
Updates and Mitigation to Microsoft Office Zero-Day Threat (CVE-2013-3906)
On November 5, Microsoft posted Security Advisory 2896666. This vulnerability, discovered by Haifei Li of McAfee Labs, affects multiple versions of Microsoft...
Is Your Mobile Device Misbehaving? How to Catch Common Malware Misbehaviors
Nothing in life is free, and that’s especially true when it comes to mobile apps. Thousands of free apps are...
