BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘exploit’

darkleech

A Brief Overview of Darkleech

Posted April 4, 2013    BeyondTrust Research Team

A piece of malware, Darkleech, has been making the news rounds as of late. This one targets web servers, specifically Apache 2.2.2 and above. Instead of merely compromising a web server and uploading malicious content to be served to unsuspecting victims, Darkleech goes a step further by installing a special module that is loaded by…

Tags:
, , , , ,
java7

Java Zero Day Exploit – Java 7 Not the Answer

Posted January 10, 2013    BeyondTrust Research Team

A new Java zero-day vulnerability has been seen exploiting hundreds of thousands of machines. This 0day has already been incorporated into Cool Exploit Kit and Blackhole, in addition to Nuclear Pack and Redkit. This vulnerability affects Java 7 versions up to and including the current version of Java, 7u10. It should be noted that while…

Tags:
, , , , , ,
Java-Logo

Java Pwns Everyone…Again.

Posted August 30, 2012    BeyondTrust Research Team

Java has a nasty habit of getting you owned. This latest 0day is no exception to the long-lived trend of reliable Java-based exploitation. Here’s what you need to know: The current exploitation method being employed in the wild right now leverages two zero day flaws in Java. The first flaw leverages an implementation issue (logic bug) within ClassFinder.findClass(), which is only present in Java 7.

Tags:
, , , , , , , ,
blackholetoolkit1

BlackHole toolkit targets Microsoft XML Core Services flaw

Posted August 1, 2012    Sarah Lieber

Blackhole is a popular exploit kit used to inject malware onto PCs that visit an exploited site, or are redirected to such a site from another, compromised website.  As hackers get bolder they use these types of toolkits to compromise computer networks.  This allows less sophisticated individuals and organizations to compromise computer networks since these…

Tags:
, , , , , , , ,