[This blog was primarily written by Xiaoning Li of Intel Labs, with assistance from Peter Szor of McAfee Labs.] In February 2013, the Adobe Product Security Incident Response Team (PSIRT) released security advisory APSA13-02. In that report they listed two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that were widely exploited. At Intel Labs and McAfee Labs we […]

Microsoft has issued Security Advisory 2718704, in which the company disclosed that it recently became aware of the Flamer/Skywiper threat, which uses certificates derived from the Microsoft Certificate Authority. The actual certificate in question was used to sign at least one of the attack components associated with the module in the Skywiper framework. This is […]

There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this threat, we knew from the very beginning that this was going to be a giant undertaking and potentially very long term. Now we want to pause to help the people we protect visualize the kind […]

A few weeks ago, Iran reported intensified cyberattacks on its energy sector that they observed as a direct continuation of the Stuxnet and Duqu attacks. Over the weekend, the IR Cert (Iran’s emergency response team) published a new report that describes this attack as Flame and/or Flamer. Some other news agencies also called  the attack […]

In September, I had the pleasure of giving the keynote speech at “Hacktivity 2011″ in Budapest, Hungary. I was very excited to see the large audience, about 1,000 visitors, among them very serious and well-known security professionals, instructors, and security enthusiasts. It was also exciting for me because I made the presentation in my native […]