A journey to CVE-2014-0497 exploit

‚ÄčLast week we published a blog post about a CVE-2013-5330 exploit. We’ve also recently seen a new, similar attack targeting a patched Adobe Flash Player vulnerability (CVE-2014-0497). The vulnerability related to this malware was addressed with a patch released by Adobe on February 4, 2014. Flash Player versions 12.0.0.43 and earlier are vulnerable. We analyzed how these …

A close look at a targeted attack delivery

For antimalware products, targeted attacks represent a very interesting class of malware. They are stealthy and only target specific organizations and industries – flying under the radar when it comes to identifying new malware files based on telemetry. The purpose of these attacks is most commonly to steal confidential and sensitive information by means of …

Malicious Proxy Auto-Config redirection

Internet banking credentials are a desired target for cybercriminals. They can be targeted with man-in-the-middle attacks or through password stealing trojans such as Fareit, Zbot or Banker. A less known, yet commonly found in South America and to a lesser extent in Russia, method to gain unauthorized access to a user’s banking credentials is through …