Heartbleed: Industry OpenSSL Vulnerability Information
January 14, 2014: As announced, Microsoft has released their January Security Bulletins. A total of 4 bulletins have been released. Affected software includes Microsoft Windows, Office, and Server Software. 1 of the bulletins is rated as 'Important' and carries a potential impact of remote code execution.
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at the kernel level to bypass Microsoft’s security for 64-bit Windows systems. Today a small utility program named KPP-Destroyer can be found online. Previous versions of KPP-Destroyer had some bugs on a Windows 8.1 computer, but […]
Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have executables “attached” to the documents. Usually, some words in the documents try to convince users to click and run the attachments. The following figure shows the point at which a user clicks on the attachment. […]
The post Dropping Files Into Temp Folder Raises Security Concerns appeared first on McAfee.
The W32/Worm-AAEH family (aliases: Beebone, VObfus, Changeup) of Trojans/downloaders/worms has been notorious for consistently morphing itself and switching control servers since June 2009. In June 2013, the AAEH worm made its biggest cosmetic change since 2009 by packaging an entire encrypted binary (containing all the malicious W32/Worm-AAEH code) inside its signature cryptor, which previously held only […]
The post W32/Worm-AAEH Replaces Cryptor With One Used by Dofoil Downloaders appeared first on McAfee.