Blog

Vulnerability

New cyber espionage malware ‘Flamer’ is the most complex ever seen

 May 29, 2012

Estimated reading time: 2 minutes

Our Malware Analysis team has discovered a highly complex malware (Trojan.Flamer.A) that is written using the ‘Lua’ programming language. This malware is on par, if not stronger, than previously seen similar threats, Stuxnet and Duqu. The Iranian CERT (Computer Emergency Response Team) has many names for this worm – ‘Flame’,...

How to tell the difference between White-Hat, Grey-Hat and Black-Hat hackers

 May 28, 2012

Estimated reading time: 2 minutes

In the last post on hacktivism, we briefly mentioned three different types of hackers – white-hat hackers, grey-hat hackers and black-hat hackers. This post will delve into these three and help you understand the categories better. A hacker, as we all know by now, is someone who utilizes his understanding...

Microsoft May-2012 Patch Tuesday Released

 May 9, 2012

Estimated reading time: 3 minutes

Microsoft has released 7 bulletins covering a total of 11 vulnerabilities. Eight of this month’s issues are rated ‘Critical’ and they affect Windows, .NET, Office and Silverlight. The remaining issues affect Office and Windows. The following vulnerabilities are rated “Critical”: MS12-029- Vulnerability in Microsoft Word Could Allow Remote Code Execution...

Microsoft April-2012 Patch Tuesday Released

 April 11, 2012

Estimated reading time: 3 minutes

Microsoft has released six bulletins covering a total of 11 vulnerabilities. Seven of this month’s issues are rated ‘Critical’ and they affect Internet Explorer, .NET, and Windows. The remaining issues affect Internet Explorer, Windows, Forefront Unified Access Gateway, and Office. The following vulnerabilities has rated “Critical”: MS12-023- Cumulative Security Update...

MS12-020 Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

 March 16, 2012

Estimated reading time: 2 minutes

The vulnerability lies in a part of Windows called the Remote Desktop Protocol (RDP) and could allow malicious hackers to run code without the users’ permission.The security hole affects Windows XP and all subsequent versions of Windows released, including the developer preview of Windows 8. This security update resolves two...

Microsoft March-2012 Patch Tuesday Released

 March 14, 2012

Estimated reading time: 2 minutes

Microsoft has released six bulletins covering a total of seven vulnerabilities. Only one of this month’s issues is rated ‘Critical’ and it affects the Remote Desktop Protocol. The remaining issues affect the Windows kernel, DNS Server, Expression, Visual Studio and Windows. The following vulnerabilities are rated “Critical”: MS12-020 – Vulnerabilities...

Security update available for Adobe Flash Player

 March 6, 2012

Estimated reading time: 1 minute

These updates address critical vulnerabilities in Adobe Flash Player 11.1.102.62 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.115.6 and earlier versions for Android 4.x and Adobe Flash Player 11.1.111.6 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially...

Security updates available for Adobe Reader and Acrobat

 January 12, 2012

Estimated reading time: 2 minutes

A critical vulnerability has been identified in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh and in Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to gain control of the affected...

Indian Cyberspace hit by Kim Jong-II Malware Mails!

 January 3, 2012

Estimated reading time: 1 minute

It has been observed that cybercriminals are using the name of the North Korean leader Kim Jong-II after his death to target Internet users. Attackers are achieving this by spamming malicious emails containing specially crafted PDF files named “BriefintroductionofKim-Jong-il.pdf” This PDF file has been found to exploit CVE-2010-2883 and CVE-2010-3333...

Microsoft has released an out-of-band bulletin MS11-100

 January 2, 2012

Estimated reading time: 3 minutes

Microsoft has released an out-of-band bulletin MS11-100 addressing four vulnerabilities. The bulletin is rated by Microsoft as critical and the vulnerabilities are listed as below: – Collisions in HashTable May Cause DoS Vulnerability (CVE-2011-3414) – Insecure Redirect in .NET Form Authentication Vulnerability (CVE-2011-3415) – ASP.Net Forms Authentication Bypass Vulnerability (CVE-2011-3416)...