no-image

Passwords13 (Hot Topic in Hot City)

Before BlackHat and DefCon taking place this week in Las Vegas, another conference attracts security experts:  Passwords13. A free to attend conference about Passwords and Authentication from attackers and defenders perspective. Last conference (Passwords12) in Oslo was the opposite when it… Read Full Article

no-image

Redirects in Spam

Spammers frequently use redirects in their emails: after clicking on a link in a spam message, the recipient is often taken through a series of websites before reaching the destination resource. There are many reasons for using redirects. In most… Read Full Article

no-image

Master Keys and Vulnerabilities

Last weeks have been quite busy with announcements of either master keys or Chinese master keysbeing unveiled, both qualifying as critical vulnerabilities for the Android platform. Although things have finally calmed a bit, we are still waiting for the final act in Las… Read Full Article

no-image

Malicious URLs in .lc Zone

While analyzing suspicious URLs I found out that more and more malicious URLs are coming from.lc domain, which formally belongs to Santa Lucia country located in in the eastern Caribbean Sea. Our statistics confirm this trend. Cybercriminals from different places… Read Full Article

no-image

Microsoft Updates July 2013

As promised in Microsoft’s July Advance Notification, Microsoft ships seven security bulletins this month (MS13-052 – MS13-058). At least 34 CVE are being patched. Six of the Security Bulletins are rated “critical” due to remote code execution issues. The vulnerabilities being fixed this month enable RCE across all versions of Windows operating systems, but most of these serious flaws have all been privately reported and there is no indication that they are publicly known or exploited yet. Some however, are publicly known and drew attention from a number of exploit developers. The kernel mode vulnerability, CVE-2013-3172 is publicly known, along with another kernel mode bug publicly disclosed by Tavis Ormandy in May. Unfortunately, an exploit abusing that vulnerability was touched up by another contributor and then already integrated into metasploit for public distribution and use. It’s also interesting that the update for the kernel mode TrueType Font Parsing CVE-2013-3129 bug effects code paths in seven different software packages (Office, Lync, Visual Studio, .NET, Silverlight, and “Windows components”) updated separately by Security Bulletins MS13-052, MS13-053, and MS13-054. Read Full Article