Malware, Network Security, Vulnerability Management

Despite patch, exploits against new Java bug picking up

SC StaffAugust 3, 2012

Researchers at Microsoft are warning that malware taking advantage of a patched Java vulnerability is now being heavily targeted. Detection rates for exploits against the vulnerability (CVE-2012-1723) are now overtaking attacks abusing a previous widely attacked Java bug (CVE-2012-0507), which was used to spread the widespread Flashback trojan that targeted Mac users. Jeong Wook Oh of the Microsoft Malware Protection Center wrote Wednesday in a blog post that the latest vulnerability, classed as a type confusion flaw and patched in June, shows "a high success rate with exploitation when Java Runtime Environment is not updated to the latest secure version."

SC Staff

Threat Intelligence

New Menorah malware bolsters OilRig APT’s cyberespionage efforts

SC StaffOctober 2, 2023

Iranian advanced persistent threat operation OilRig, also known as APT34, Helix Kitten, Hazel Sandstorm, and Cobalt Gypsy, had its cyberespionage arsenal strengthened with the novel Menorah malware deployed in a spear-phishing campaign, which included a Saudi Arabia-based organization as one of its targets, reports The Hacker News.

Malware

New ASMCrypt malware loader detailed

SC StaffOctober 2, 2023

New ASMCrypt malware loader detailed Novel malware crypter and loader ASMCrypt has been developed by cybercriminals building upon the stealthy DoubleFinger malware loader, which was previously leveraged to facilitate GreetingGhoul cryptocurrency stealer deployment, according to The Hacker News.