Threat Category: Vulnerabilities and exploits | Page 41

This month Microsoft didn’t release a bulletin for the known vulnerability in SharePoint Server. What Microsoft did release today are two bulletins resolving critical vulnerabilities – one for Windows and one in Office.

Update about Gumblar recent stats and new fact discovered – Gumblar developers decided to block Japanese IPs!

Heloag was believed to be a Peer-to-Peer bot by some, but it is not (as static analysis revealed)!

Not only did Microsoft release their bulletins, but Adobe also released critical updates for Adobe Reader and Acrobat 9.3.1 for Windows, Mac and Unix along with updates for Reader and Acrobat 8.2.1.

New Brazilian crypto technique used for the server side malware obfuscation in order to prevent an automated malware analysis.

A lot of tools and services change hands – for money in the criminal underground . For example bot-packs are offered by the creator or his business partners for a defined amount of money. The customer gets a package with all needed files and additional support, like updates against anti-virus…

Vulnerabilities continue to be detected and successfully exploited in Adobe’s most popular products – Acrobat and Reader.

Some days ago we received an interesting PDF file (detected as Exploit.JS.Pdfka.bui) which contained an exploit for the CVE-2010-0188 vulnerability, which was…

News has spread pretty quickly about the latest IE 0-day exploit (https://docs.microsoft.com/en-us/security-updates/securityadvisories/2010/981374). Unfortunately, in trying to publicize the quality of his employer’s product in relation to this new exploit, according to Ryan Naraine

Today Microsoft released 2 bulletins addressing 8 vulnerabilities affecting Windows and Microsoft Office products.

Too many passwords?

The statistics used in this report are generated by the Kaspersky Security Network (KSN), a major innovation implemented in Kaspersky Lab personal products. The system is currently being adapted for implementation in Kaspersky Lab’s corporate product offerings.

Earlier today, Microsoft released the out-of-band (OOB) Microsoft Security Bulletin MS10-002 (rated “Critical”) to the public.

From the look of things Microsoft is starting off slow this year with only one of each in today’s release – one bulletin, one advisory and one re-released bulletin.

Last minute shopping – keep safe!

Piecing the search engine puzzle together in real time

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Vulnerabilities and exploits

May’s Patch Tuesday

Gumblar: Farewell Japan

Heloag has rather no friends, just a master

April Patch Tuesday: Adobe and Microsoft

Brazil: new crypto challenge

No honor among thieves – even in Germany

Adobe yet again

When too much is not enough too much

Patch Tuesday

Too many passwords?

Kaspersky Security Bulletin 2009. Statistics, 2009

Patch now: MS10-002

Patch Tuesday – Jan 2010

Last minute shopping – keep safe!

Where will real-time search take us?

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails