(get it in RSS or Atom)

CPLINK Shortcut mitigation and certificate revocation

Default image

I have spent the last three days looking at how we can best protect ourselves against the latest Windows zero day vulnerability, aside from running up to date anti-virus software. We have named this exploit CPLINK within SophosLabs referring to Read more…

Windows zero-day attack works on all Windows systems

Directory listing of infected USB key

Update: I have recorded a new more detailed video of the infection. Other minor edits as well. For additional information on this threat see Windows zero-day vulnerability uses shortcut files on USB. It's been a busy 24 hours looking into Read more…

Windows zero-day vulnerability uses shortcut files on USB

Malicious link

The security community was buzzing today about a potential new zero-day vulnerability in Windows. The attack that exploits the vulnerability was originally discovered by VirusBlokAda in Belarus. It contains several components and is still being analyzed by SophosLabs. It starts Read more…