Software Vulnerabilities August 29, 2014

Understanding IE’s New Exploit Mitigations: The Memory Protector and the Isolated Heap

6 min read - In response to two attacks, new Internet Explorer exploit mitigations were released to increase the cost of exploiting IE use-after-free vulnerabilities.

Banking & Finance July 11, 2014

The Father of Zeus: Kronos Malware Discovered

3 min read - Researchers at Trusteer, an IBM company, recently discovered the Kronos malware, which offers compatibility with Zeus, in a Russian cyber crime forum.

Software Vulnerabilities April 25, 2014

Underground Cybercrime: Exploits for Sale

2 min read - Trusteer's security team has recently identified a new offering from a Russian cybercrime forum member: An exploit that, according to the seller, is successful 95 percent of the time.

Software Vulnerabilities April 8, 2014

A Peek into IE’s Enhanced Protected Mode Sandbox

7 min read - IE 10 Enhanced Protected Mode (EPM) sandbox research that was presented at Hack in the Box 2013 and the Black Hat Asia 2014 security conferences. Summary of findings and discussion of the most important points and related resources to find…

Software Vulnerabilities March 19, 2014

Diving Into IE 10’s Enhanced Protected Mode Sandbox at Black Hat Asia 2014

2 min read - If you’re using Internet Explorer in immersive mode on Windows 8/8.1 to browse Internet web sites, under the hood, your browser will be running inside the Enhanced Protected Mode sandbox. Enhanced Protected Mode (EPM) is the sandboxing mechanism in IE…

Intelligence & Analytics October 8, 2013

Taking on a Zero Day with Intelligence

4 min read - The situation described here does not come from the ivory tower; instead it comes from the real world and shows how to rapidly and efficiently address a zero-day vulnerability. You are probably already overwhelmed with patching. Alternatively, you might be…

X-Force May 22, 2013

CVE-2013-1347: Microsoft Internet Explorer CGenericElement object Use-After-Free Vulnerability

4 min read - Hi everyone   Last week, Microsoft released MS13-038  as part of the updates for May 2013. This specifically patches CVE-2013-1347, which is used in the compromise of U.S. Department of Labor website recently (well, I’m sure this is not...

Fraud Protection April 18, 2013

Gozi Financial Malware Puts the Boots On

2 min read - IBM has identified a new Gozi variant that infects the MBR, ensuring it loads with the operating system after a reboot and remains on the infected system.

X-Force April 1, 2013

Use-after-frees: That pointer may be pointing to something bad

6 min read - If you look at the last few Internet Explorer security bulletins, you'll notice that many of the patched vulnerabilities were use-after-frees (or UAFs) [1, 2]. Use-after-free is still a common bug class because the task of manually identifying them, especially...

Malware January 20, 2013

Malvertising Campaigns Get a Boost From Unpatched Java Zero-Day Exploits

3 min read - A new type of malware distributes Blackhole exploit kits that compromise user endpoints through malicious advertising, or "malvertising."