CVE-2018-18500: Heap write-after-free in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more

Protected: CVE-2018-18500: Heap write-after-free in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more

Microsoft fixes 74 bugs in its April, 2019 Patch Tuesday releases

Credit to Author: Yaniv| Date: Tue, 09 Apr 2019 21:28:38 +0000

There are 16 Microsoft bugs marked as critical, as well as serious flaws in Adobe Flash and Acrobat that require immediate attention<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/VAyR1kHbAYM” height=”1″ width=”1″ alt=””/>

Read more

Machine learning hones weapons of maldoc destruction

Credit to Author: Jason Zhang| Date: Tue, 09 Apr 2019 14:49:19 +0000

By Jason Zhang Criminals continue to leverage the features of Adobe&#8217;s PDF document format to engage in malware and phishing attacks, with no sign of a slowdown. Last year at Black Hat USA, I gave a presentation about PDF-based malware detection using machine learning. We discovered that the best AV engine could only catch fewer [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/3k1sko1i93Y” height=”1″ width=”1″ alt=””/>

Read more

What you need to know for Patch Tuesday, March 2019

Credit to Author: Andrew Brandt| Date: Thu, 14 Mar 2019 13:00:46 +0000

By SophosLabs Offensive Security Research Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/Vlj59LNV68Y” height=”1″ width=”1″ alt=””/>

Read more

GandCrab 101: All about the most widely distributed ransomware of the moment

Credit to Author: Luca Nagy| Date: Tue, 05 Mar 2019 14:00:10 +0000

In this Sophos101 report, we’ll give you the lowdown on what you need to know about this, unfortunately, widely disseminated malware.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/QbQ2o1iJn68″ height=”1″ width=”1″ alt=””/>

Read more

Emotet 101, stage 5: a delivery vehicle for more malware

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:59:17 +0000

By SophosLabs Research Emotet is a botnet in its own right, one so prolific and dominant that the United States CERT, the body tasked with tracking cyberthreats to the country, named Emotet in July, 2018 &#8220;among the most costly and destructive malware&#8221; to affect governments, enterprises and organizations large and small, and individual computer users. [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/A9JdHdI4I94″ height=”1″ width=”1″ alt=””/>

Read more

Emotet 101, stage 4: command and control

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:58:33 +0000

By SophosLabs Research The Emotet family could not do what it does without receiving a constant stream of instructions from its owners, or in the absence of the detailed level of feedback about its operating environment each bot sends home from an infected host machine. It also uses huge numbers of compromised websites that belong [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/tuvtIYBP4JI” height=”1″ width=”1″ alt=””/>

Read more

Emotet 101, stage 3: The Emotet executable

Credit to Author: hajnalkakope| Date: Tue, 05 Mar 2019 13:57:54 +0000

By SophosLabs Research Emotet&#8217;s arrival is usually preceded by a deceptive spam email, which has a malicious attachment. Opening the attachment starts a process which can lead to an Emotet infection. The Emotet application is an evolved binary, in the sense that it has gone through thousands of iterations over its existence. Its presence as [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/CfniXxu0bac” height=”1″ width=”1″ alt=””/>

Read more

Emotet 101, stage 2: The malicious attachment and killchain

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:56:43 +0000

By SophosLabs Research The Emotet malware family is in a constant state of evolution and change. From day to day or week to week, the malware&#8217;s creators and distributors take an active role in changing up the killchain – the sequence of events that begins with a victim receiving a malicious file attachment, and ends [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/C8Iq5Z7cCTc” height=”1″ width=”1″ alt=””/>

Read more

Emotet 101, stage 1: The spam lure

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:55:43 +0000

By SophosLabs Research Emotet operates on a mass scale. Everything it does, it does in bulk. A typical infection begins when the victim receives a specially crafted spam email. Emotet&#8217;s creators send these out by the thousands and, in some cases, the bots themselves send more. The lures employ mass-created malicious document files. The payload [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/7i2oOO4OT8A” height=”1″ width=”1″ alt=””/>

Read more