Friday 7 November 2014

Security Bytes 0x1335433 [Open Source Digest]

> Carving for Cookies: Supersize your Internet History Timeline using Google Analytic Artifacts

> Sandworm APT exploits, BlackEnergy malware
> site sent visitors to Rig exploit kit to infect them with a range of malware including Infostealer.Dyranges and Trojan.Zbot.
> ROM – A New Version of the Backoff PoS Malware
> Apple iWorm Malware
> Dridex Banking Trojan
> Dyre/Dyreza packaged with PDF exploits (namely CVE-2013-2729)
> Rovnix Malware
  • [2014-10-10]
  • [2014-10-09]
  • [2012-02-22]
> WireLurker Apple iDevice Malware
  • [2014-11-06]
  • [?]

> FreeBSD Vulnerability (CVE-2014-8517)
> "Rootpipe" Privilege Escalation Vulnerability in Mac OSX Yosemite
> CVE-2014-0569 Analysis (seen to be integrated into the Fiesta EK)
> CVE-2014-1772 Analysis (IE Use-After-Free Vulnerability)
> CVE-2014-4113 Analysis (Windows Kernel Mode Vulnerability, AKA Sandworm Vulnerability)
> CVE-2014-4115 Analysis (Malicious USB Disks Allow for Possible Whole System Control)

> Operation Huyao

No comments:

Post a Comment