Vulnerabilities and exploits

Industrial threats

SCADA exploits circulating

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

Research

The decline and fall of Slammer?

Me and Slammer (Helkern) go back a long way…to 25 January 2003 to be precise. It was a baptism of fire for me in my new role as a virus analyst at Kaspersky Lab. It was a weekend and I was alone, in charge of monitoring the incoming flow of suspicious files. I had barely been at the company a month

Incidents

Adobe Fix for CVE-2011-0609

Adobe released its fix for CVE-2011-0609 this afternoon, making good on last week’s advisory dealing with the latest Flash zero-day. Kaspersky Lab products detected .a, .b and .c variants as “Trojan-Dropper.MSExcel.SWFDrop” this past week.

Incidents

Japan Quake Spam leads to Malware Part 3

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. According to our analysis, it seems that the malicious links from the spam emails lead to websites hosting the Incognito Exploit Kit.

Video

Webcast – The Good and Bad of Android Security

In this episode of Lab Matters, Kaspersky Lab malware researcher Tim Armstrong joins Ryan Naraine to examine the security posture of the Android mobile operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting Android devices.

Software

Patch Tuesday March 2011

This month’s Patch Tuesday comprises three bulletins covering four vulnerabilities. Two bulletins affect Windows while the other affects Office. The Windows vulnerabilities affect all currently supported client OSes.

Incidents

Off-by-one 2.0

The “off-by-one” vulnerability is an old concept. Here is a description from Wikipedia:

An off-by-one error (OBOE) is a logical error involving the discrete equivalent of a boundary condition. It often occurs in computer programming when an iterative loop iterates one time too many or too few. Usually this problem arises when a programmer fails to take into account that a sequence starts at zero rather than one (as with array indices in many languages), or makes mistakes such as using “is less than or equal to” where “is less than” should have been used in a comparison.

Opinion

Where am I?

I don’t know about the rest of the world, but in Russia the most popular SMS message is “Where are you?” But very soon that particular question is going to be irrelevant.
A few days ago Gartner published its list of the top 10 mobile applications to watch out for in 2012. First place went to Location-Based Services (LBS).

Incidents

The Tip of the Iceberg

The story of how HBGary Federal’s network was recently hacked, resulting in the leak of numerous emails belonging to the US cyber-security firm’s employees and bosses, has been big news over the last few days.
