Vulnerabilities and exploits

Over the past couple months, some advertising networks have been distributing ads that redirect browsers to sites hosting exploits. Spotify’s ad networks are the most recently outed.

Kaspersky lab discovered a new variant today, in the form of an obfuscated executable. Please review the technical details for further information. The threat was detected automatically thanks to the Kaspersky Security Network as UDS:DangerousObject.Multi.Generic.

Kaspersky Lab is still monitoring malicious websites involved in the recent Japan spam campaigns.

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

Me and Slammer (Helkern) go back a long way…to 25 January 2003 to be precise. It was a baptism of fire for me in my new role as a virus analyst at Kaspersky Lab. It was a weekend and I was alone, in charge of monitoring the incoming flow of suspicious files. I had barely been at the company a month

Adobe released its fix for CVE-2011-0609 this afternoon, making good on last week’s advisory dealing with the latest Flash zero-day. Kaspersky Lab products detected .a, .b and .c variants as “Trojan-Dropper.MSExcel.SWFDrop” this past week.

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. According to our analysis, it seems that the malicious links from the spam emails lead to websites hosting the Incognito Exploit Kit.

Kaspersky Lab has detected a malicious spam campaign using the recent earthquake in Japan to infect users.

In this episode of Lab Matters, Kaspesky Lab malware researcher Tim Armstrong joins Ryan Naraine to examine the security posture of the Android mobile operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting Android devices.

Adobe today released an advisory to warn about a remote code execution vulnerability in Flash Player, which also affects Adobe Reader and Acrobat.

There is a slew of unreferenced information on today’s patched vuln, so let’s examine a couple of the more interesting client side exploitable vulnerabilities that Microsoft patched today.

This month’s patch Tuesday is comprised of three bulletins covering four vulnerabilities. Two bulletins affect Windows while the other affects Office. The Windows vulnerabilities affect all currently supported client OS’s.

A new blog update from Google promises a response to deal with the outbreak of the so called “DroidDream” Android malware that went live on the Android Market last week

The “off-by-one” vulnerability is an old concept. Here is a description from Wikipedia:

An off-by-one error (OBOE) is a logical error involving the discrete equivalent of a boundary condition. It often occurs in computer programming when an iterative loop iterates one time too many or too few. Usually this problem arises when a programmer fails to take into account that a sequence starts at zero rather than one (as with array indices in many languages), or makes mistakes such as using “is less than or equal to” where “is less than” should have been used in a comparison.

The word ‘leak’ has become rather popular in recent times, but few of us actually realize just how likely it is that our own personal information could be leaked