FYI...
Java 0-day added to Blackhole Exploit Kit
- http://community.websense.com/blogs/...ploit-kit.aspx
28 Aug 2012 - "... exploit code for the Java vulnerability has been added to the most prevalent exploit kit out there; Blackhole... The Pre.jar file (VirusTotal link*) will use the new vulnerability to install the malware (VirusTotal link**) itself. In this particular attack it was a banking trojan as can be seen from our ThreatScope report(1)... A technical analysis of these two vulnerabilities is available at the blog Immunity Products in this post(2)."
* https://www.virustotal.com/file/65ac...f874/analysis/
File name: Pre.jar
Detection ratio: 17/42
Analysis date: 2012-08-29 10:43:59 UTC
** https://www.virustotal.com/file/eee0...8137/analysis/
File name: about.exe
Detection ratio: 18/42
Analysis date: 2012-08-29 04:32:07 UTC
1) http://community.websense.com/cfs-fi...hreatscope.png
2) http://immunityproducts.blogspot.com...2012-4681.html
___
- http://h-online.com/-1677789
29 August 2012 - "... Users who have a vulnerable version installed on their systems are advised to disable the browser plugin that provides Java support..."
- https://krebsonsecurity.com/2012/08/...ged-two-flaws/
August 29, 2012 - "... If you want to test whether you’ve successfully disabled Java, check out Rapid7's page, http://www.isjavaexploitable.com/ ."