Category Archives: 0-Day

Neosploit Gets Java 0-Day

Neosploit has been popping up every once and awhile, quietly infecting users without a whole lot of attention. This past week, its author(s) decided to update Neosploit with the latest Java exploit. It now joins the likes of Blackhole and … Continue reading

Posted in 0-Day, Exploit Packs, Malscript | Tagged , , , , , | Leave a comment

Java 0-Day Using Latest Dadong’s JS Obfuscator

Since everyone knows about this, I can finally share my piece. Here’s the landing page which is all Javascript. The script is using “Dadong’s JSXX 0.44 VIP” Javascript obfuscator. This isn’t the first time Dadong’s obfuscator has been used with … Continue reading

Posted in 0-Day, Malscript | Tagged , , | 3 Comments

CVE-2011-2140 Caught in the Wild

A Chinese website contains malvertisement that leads to a few exploits including the latest Flash exploit (CVE-2011-2140). Special thanks to Jason for the find and share! Here’s the website that kicks things off: This is the infection chain: It’s quite … Continue reading

Posted in 0-Day, Exploit Packs, Malscript | Tagged , , , , | 2 Comments

Flash 0Day Found in Drive-By

The recently announced Adobe Flash 0day exploit (CVE-2011-0611) has been found in the wild as a drive-by download. The exploit targets Adobe Flash Player version 10.2.153.1 and works quite reliably. Here’s a portion of Javascript code for an exploit shared … Continue reading

Posted in 0-Day, Malscript | Tagged , , , , , | 4 Comments