Heartbleed: Industry OpenSSL Vulnerability Information
January 14, 2014: As announced, Microsoft has released their January Security Bulletins. A total of 4 bulletins have been released. Affected software includes Microsoft Windows, Office, and Server Software. 1 of the bulletins is rated as 'Important' and carries a potential impact of remote code execution.
The W32/Worm-AAEH family (aliases: Beebone, VObfus, Changeup) of Trojans/downloaders/worms has been notorious for consistently morphing itself and switching control servers since June 2009. In June 2013, the AAEH worm made its biggest cosmetic change since 2009 by packaging an entire encrypted binary (containing all the malicious W32/Worm-AAEH code) inside its signature cryptor, which previously held only […]
The post W32/Worm-AAEH Replaces Cryptor With One Used by Dofoil Downloaders appeared first on McAfee.
Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often than random phishing attempts. Exploits that use patched vulnerabilities delivered via spear phishing email are one of the most successful combinations used by attackers to infiltrate targeted organizations and gain access to confidential information. During […]
The post Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities appeared first on McAfee.
The Dofoil downloader (found in the wild since 2011) occasionally updates itself with new features and encryption techniques to hide communications with its control servers. The latest iteration uses a variation of XOR and RC4 algorithms similar to previous variants to encrypt the list of control servers within the binary and encrypt all traffic with […]
The post Dofoil Downloader Update Adds XOR-, RC4-Based Encryption appeared first on McAfee.