Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities
Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often...
Dofoil Downloader Update Adds XOR-, RC4-Based Encryption
This blog was written by Sanchit Karve. The Dofoil downloader (found in the wild since 2011) occasionally updates itself with...
Product Coverage and Mitigation for CVE-2014-1761 (Microsoft Word)
On March 24, Microsoft released Security Advisory 2953095 for Microsoft Word. In-the-wild exploitation of this vulnerability has been observed across...
Examining Your Very Own Sefnit Trojan
Most malware is created for economic purposes. To name just a few of our reports and blogs on this topic,...
Analyzing the Recent Windows Zero-Day Escalation of Privilege Exploit
Recently we caught a malicious sample that exploits a PDF vulnerability–CVE-2013-3346, we believe–and executes after a use-after-free condition occurs. During...
Updates and Mitigation to Microsoft Office Zero-Day Threat (CVE-2013-3906)
On November 5, Microsoft posted Security Advisory 2896666. This vulnerability, discovered by Haifei Li of McAfee Labs, affects multiple versions of Microsoft...
Is Your Mobile Device Misbehaving? How to Catch Common Malware Misbehaviors
Nothing in life is free, and that’s especially true when it comes to mobile apps. Thousands of free apps are...
Does Kik Messenger Pose a Danger to Your Kids?
With more than 50 million users, and reportedly growing by 20,000 every day, Kik has become one of the most popular...
Styx Exploit Kit Takes Advantage of Vulnerabilities
Web-based malware has increased over the last few years due to an abrupt spike in new exploit kits. These kits...
Travnet Botnet Controls Victims With Remote Admin Tool
The malicious binary behind the Travnet botnet has been updated. The new code has a new compression algorithm, steals the...