FAKEAV Update: Java Vulnerabilities and Improved Fake Alerts



Oct20


There have been recent talks within the security industry about the increasing use of Java vulnerabilities by attackers. Last week, security blogger Brian Krebs noted how Java was being used by exploit packs. Earlier this week, Microsoft also reported what they called an “unprecedented wave” of Java exploits.

This is something we’ve been seeing as well. FAKEAV doorway pages (a concept previously discussed in “Doorway Pages and Other FAKEAV Stealth Tactics”) are increasingly using Java vulnerabilities. In cases where these vulnerabilities cannot be exploited, PDF exploits are used instead. We detect the said Java and PDF exploits as JAVA_LOADER.HLL and TROJ_PIDIEF.HLL, respectively.

Two vulnerabilities we have seen heavily exploited in particular in this manner are:

More details & screenshots here: http://blog.trendmicro.com/
