Blog Posts Tagged with "Malicious Code"
To Tweet, or Not to Tweet, That is the Question...
August 19, 2012 Added by:Christopher Laing
Activities that threaten your business are the downloading and opening of attachments and Internet files that contain malicious software, and the electronic delivery/distribution of business sensitive information without encryption. This may done either accidentally or deliberately by a disgruntled employee...
Comments (1)
Mahdi Campaign and Cyber Espionage in the Middle East
July 19, 2012 Added by:Pierluigi Paganini
The Mahdi attack is based on two well known techniques used to deliver malicious payloads, and the huge quantity of data collected reveals the real targets of the operation are government agencies, critical infrastructure engineering firms and financial houses...
Comments (0)
KeePass Vulnerability Exposes Password Lists
June 28, 2012 Added by:Headlines
“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...
Comments (1)
Malware Targeting Android Devices Increases Sharply
May 17, 2012 Added by:Headlines
"The number of malicious Android application package files (APKs) received in Q1 2011 and in Q1 2012 reveals... an increase from 139 to 3063 counts... attributed to malware authors crafting their infected or trojanized applications to defeat anti-virus signature detection..."
Comments (0)
Big Boy Politics: Rep. Frank Wolf Demonstrates
May 09, 2012 Added by:Joel Harding
Congressman Wolf, why don’t you establish a program, for the sake of national security, inspecting equipment originating from outside the US, looking for embedded malicious code and backdoors as well as inspecting software updates for that equipment for the same?
Comments (0)
ICS-CERT: WellinTech KingView DLL Hijack Vulnerability
May 02, 2012 Added by:Infosec Island Admin
Independent researcher Carlos Mario Peñagos Hollman identified a DLL Hijack vulnerability in WellinTech’s KingView application. WellinTech has created a patch that resolves the vulnerability. Mr. Hollman has tested the patch and verified that it resolves the vulnerability...
Comments (0)
How QR Codes Can Deliver Malware
March 28, 2012 Added by:Robert Siciliano
QR code infections are relatively new. A QR scam works because, as with a shortened URL, the link destination is obscured by the link itself. Once scanned, a QR code may link to an malicious website or download an unwanted application or mobile virus...
Comments (0)
IC3: Browser Bot Infection and HTML Attachment Malware
March 28, 2012 Added by:Headlines
The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself...
Comments (0)
Cisco Releases Multiple Security Advisories
March 15, 2012 Added by:Headlines
The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability which can allow a remote attacker to convince a user to view a specially crafted HTML document, and the attacker may be able to then execute arbitrary code...
Comments (0)
Yet Another Chinese-Based Targeted Malware Attack
March 14, 2012 Added by:Headlines
"The payload is also an advanced persistent threat - extremely difficult to detect once inside the network. Although it’s more than a week old, the backdoor still has poor detection, with only 7 of 42 antivirus solutions able to detect it..."
Comments (0)
ICS-CERT: Robot Communication Runtime Buffer Overflow
March 05, 2012 Added by:Infosec Island Admin
A buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers could allow an attacker to cause a denial of service and potentially execute remote code with administrator privileges...
Comments (0)
Google Releases Vulnerability Fixes with Chrome 17.0.963.65
March 05, 2012 Added by:Headlines
Google has released Chrome 17.0.963.65 for Windows, Macintosh, Linux and Google Chrome Frame which provides fixes for multiple vulnerabilities identified may have allowed for denial-of-service (DoS) attacks or the execution of malicious arbitrary code...
Comments (0)
Cisco Released Multiple Security Advisories
March 02, 2012 Added by:Infosec Island Admin
Cisco has released six security advisories this week to address vulnerabilities that may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges and bypass security restrictions...
Comments (0)
Targeting of Android Devices Leads Malware Trends for 2012
February 24, 2012 Added by:Headlines
"Smartphones and tablets are finally delivering consumers with these converged and connected experiences we've been promised for so long. But this is a double edged sword: as smart device usage becomes more sophisticated, so too are cyber criminals' methods of attacking..."
Comments (0)
ICS-CERT: 7Technologies TERMIS DLL Hijacking
February 21, 2012 Added by:Infosec Island Admin
The 7T TERMIS software is vulnerable to DLL Hijacking. An attacker may place a malicious DLL in a directory where it will be loaded before the valid DLL. This vulnerability may allow execution of arbitrary code and may be exploitable from a remote machine...
Comments (0)
ICS-CERT: Punzenberger COPA-DATA HMI Vulnerabilities
February 08, 2012 Added by:Headlines
Researcher Kuang-Chun Hung has identified multiple denial-of-service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system which may allow an attacker to execute a DoS attack and potentially execute arbitrary code...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)