Vulnerabilities and exploits

Adobe chained installers increase security

Will Microsoft ending support for XP/SP2 create a nirvana for cybercriminals?

Join Roel Schouwenberg and myself as we explore what AV tests are about today and reflect on what is important for people using these tests to make an informed decision about buying protection for themselves and their families.

During my recent research into PHP backdoors, bots and shells, I came across a few IRC servers which looked pretty suspicious. After lurking in these channels I noticed that most of them were all about controlling botnets, automated exploitation and credit card fraud. This isn’t news – channels and IRC servers like this have been a hot media topic for the last five years. The question is, though, how can we find them so we can shut them down?

Over the years we’ve heard the phrase “it’s a feature, not a bug” quite a number of times. And it can be argued that the vulnerability in the PDF specification with regards to Launch actions is just that.

The vulnerability in the Windows Help and Support Center (CVE-2010-1885) has been a constant irritation to antivirus experts for the third week in succession. I will try to provide an analysis of the problem with the help of KSN

Google’s full disclosure of the Microsoft Windows Help and Support Center zero-day vulnerability, which is present in Windows XP and Windows 2003 – CVE 2010-1885.

As part of our general information sharing activity, we have launched a series of webcasts on YouTube.

Unreal IRCd Server source code discovered with backdoor.

When everyone is trying to secure their webservers, malware use client side vulnerabilities such as the recent vulnerability in some of Adobes software such as Acrobat Reader and Flash to spread malicious software.

A few thoughts about why replacing Windows with MacOS and Linux is not really the solution.

This report was compiled on the basis of data obtained and processed using the Kaspersky Security Network (KSN). KSN is one of the most important innovations in personal products and is currently in the final stages of development.

Is Google sniffing your WiFi network? Few hints on how to secure your wireless network.

Every day that goes by, I see more and more people complaining when it comes to Facebook and privacy.

This month Microsoft didn’t release a bulletin for the known vulnerability in SharePoint Server. What Microsoft did release today are two bulletins resolving critical vulnerabilities – one for Windows and one in Office.