Angler’s unique obfuscation, ability to detect antivirus and virtual machines, encrypted payload and fileless infection have some calling it the most sophisticated exploit kit.
Monthly Archives: February 2015
Zero-day exploit affects popular WordPress plugin
The Fancybox plugin for WordPress has been hit by a zero-day exploit that allows hackers to inject malicious code into websites, reports ZDNet.
The post Zero-day exploit affects popular WordPress plugin appeared first on We Live Security.
Threatpost News Wrap, February 6, 2015
Dennis Fisher and Mike Mimoso discuss the Anthem data breach, the continuing Flash 0-day happy fun times, the expansion of exploit kits and the crowd funding support for GnuPG.
Cheezburgers, Warrant Canaries and Cat Memes
Surveillance, privacy and security are serious subjects. So too, for some people, are cat memes and GIFs of screaming goats. And Cheezburger Inc., the premier purveyor of said memes and GIFs, wants its users to know that the company is standing up for their rights. The folks at Cheezburger have built an online empire on […]
CVE-2014-9632 (internet_security, protection)
The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.
CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
CVE-2014-9641
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
CVE-2014-9642
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
CVE-2014-9643
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
CVE-2015-1305
McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.