
Kim Chanwoo

Security Specialist

Under the Hood of BKDR_ZACCESS

  • Posted on: November 6, 2012
  • Posted in: Malware
  • Posted by: Kim Chanwoo (Security Specialist)

In the previous quarter, we reported that we protected against more than 142 million threats in the first half of 2012 alone. One prominent threat in this period was ZACCESS, which is also known as ZeroAccess or SIREFEF. It can push fake applications and other malware onto infected systems, while using its rootkit capabilities to…


Technical Analysis of CVE-2012-1889 Exploit HTML_EXPLOYT.AE Part 3

  • Posted on: July 4, 2012
  • Posted in: Exploits, Malware, Vulnerabilities
  • Posted by: Kim Chanwoo (Security Specialist)

As discussed in our previous blog entries, we found an exploit (Trend Micro detection HTML_EXPLOYT.AE) that targets a vulnerability in Microsoft XML Core Services (CVE-2012-1889). Based on our analysis, HTML_EXPLOYT.AE has three key features: its use of Microsoft XML Core Services, heap spray, and No ROP (Return-Oriented Programming) function. Our two initial blog entries already…


Technical Analysis of CVE-2012-1889 Exploit HTML_EXPLOYT.AE Part 2

  • Posted on: July 4, 2012
  • Posted in: Exploits, Malware, Vulnerabilities
  • Posted by: Kim Chanwoo (Security Specialist)

In the first part of our three-part blog entry about HTML_EXPLOYT.AE, we analyzed how HTML_EXPLOYT.AE uses the Microsoft XML Core Services vulnerability (CVE-2012-1889). As previously discussed, HTML_EXPLOYT.AE has three key features: its use of Microsoft XML Core Services, its use of the heap spray technique, and No ROP (Return-Oriented Programming) function. In the second part of…


Technical Analysis of CVE-2012-1889 Exploit HTML_EXPLOYT.AE Part 1

  • Posted on: July 3, 2012
  • Posted in: Exploits, Malware, Vulnerabilities
  • Posted by: Kim Chanwoo (Security Specialist)

Last month, Microsoft released a fix tool to address a vulnerability in Microsoft XML Core Services. According to the Microsoft Security Advisory, this vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. It has been given the identifier CVE-2012-1889. Since the vulnerability exists in…


JS_DLOADER.SMGA Exploits CVE-2012-1875 Vulnerability in Internet Explorer

  • Posted on: June 22, 2012
  • Posted in: Exploits, Malware, Vulnerabilities
  • Posted by: Kim Chanwoo (Security Specialist)

Last June 13, Microsoft released the Cumulative Security Update for Internet Explorer (2699988), which addresses CVE-2012-1875, a vulnerability exploited by malware detected by Trend Micro as JS_DLOADER.SMGA. The attack code for this vulnerability has also been made public. There are few cases where attack code is released simultaneously with Microsoft’s security update….
