Security Blog

Chris Larsen's picture
Written by
Chris Larsen
As part of working on an update to the "Shade EXE Detector" module in WebPulse, I was reviewing different types of executables that come through our logs, and how they're disguised. One of the evil sites in the current catch-basket was this one: (As a scam, it looks pretty good, although one could quibble with their mistaken use of "employers" instead of "employees" in two places...)
Waylon Grange's picture
Written by
Waylon Grange
Since the initial disclosure of CVE-2014-6271 further review has revealed four more vulnerabilities in bash that belong to the Shellshock family, namely, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, and CVE-2014-6277.
Waylon Grange's picture
Written by
Waylon Grange
Since yesterday’s announcement of the CVE-2014-6271 bash bug we’ve seen attackers waste no time before scanning the Internet. The announcement was posted to bugzilla.redhat.com at 2014-09-24T14:00:08+00:00 and at 2014-09-24T18:32:008+00:00, 4 ½ hours later, we started seeing scans looking for the vulnerability.
Andrew Brandt's picture
Written by
Andrew Brandt
A malicious Javascript file, unintentionally served last week by the Zedo advertising network, redirected victims to the Nuclear exploit kit which (under the right circumstances) delivered a punishing series of infections onto PCs.
Chris Larsen's picture
Written by
Chris Larsen
I waited a month after Robin Williams died to write this blog post. Partly because things are always busy in the malware world, but mostly because I didn't want to be ghoulish, and try to capitalize on the publicity around his death.
Andrew Brandt's picture
Written by
Andrew Brandt
If you spend enough time visiting the shadier side of the Internet using your mobile or tablet, you're likely to run into scripted attacks at some point. Take, as a canonical example, the case of the Generic Android Tablet Security Alert, shown above to illustrate how supremely cheesy these kinds of threats appear.