Announcement

Collapse
No announcement yet.

Delving deep into VBScript

Collapse
X
Collapse

  • Delving deep into VBScript

    In late April we found and wrote a description of CVE-2018-8174, a new zero-day vulnerability for Internet Explorer that uses a well-known technique from the PoC exploit CVE-2014-6332. But whereas CVE-2014-6332 was aimed at integer overflow exploitation for writing to arbitrary memory locations, my interest lay in how this technique was adapted to exploit the use-after-free vulnerability.

    More...
      Posting comments is disabled.

    Categories

    Collapse

    Article Tags

    Collapse

    Latest Articles

    Collapse

    • Threats posed by using RATs in ICS
      willie
      While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors had used RATs to attack industrial organizations.

      More...
      21-09-2018, 09:26
    • New trends in the world of IoT threats
      willie
      Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead.

      More...
      21-09-2018, 09:26
    • Threats posed by using RATs in ICS
      willie
      While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors had used RATs to attack industrial organizations.

      More...
      20-09-2018, 14:36
    • New trends in the world of IoT threats
      willie
      Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead.

      More...
      19-09-2018, 15:48
    • LuckyMouse signs malicious NDISProxy driver with certificate of Chinese IT company
      willie
      Since March 2018 we have discovered several infections where a previously unknown Trojan was injected into the lsass.exe system process memory. This campaign was active immediately prior to Central Asian high-level meeting and we suppose that actor behind still follows regional political agenda.

      More...
      11-09-2018, 10:13
    • Threat Landscape for Industrial Automation Systems in H1 2018
      willie
      In this report, Kaspersky Lab ICS CERT publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018.

      More...
      06-09-2018, 15:50
    Working...
    X