Vulnerabilities and exploits

The main focus of Blue Termite is to attack Japanese organizations; and most of their C2s are located in Japan. The attack is still active and the number of victims has been increasing.

An operating system can be compared to a shield. All additional built-in security capabilities are rivets on the shield. What is more important is the architecture, the principles underlying the OS. This determines whether the shield will be made of paper, plywood or steel.

Microsoft releases a new batch of fourteen security updates patching over fifty vulnerabilities, with one of them known to be abused in targeted attacks.

In 2015, many of Darkhotel’s techniques and activities remain in use. However, in addition to new variants of malicious .hta, we find new victims, .rar attachments with RTLO spearphishing, and the deployment of a 0day from Hacking Team.

In the second quarter of 2015 Kaspersky Lab solutions detected and repelled a total of 379,972,834 malicious attacks from online resources. There were 5,903,377 registered notifications about attempted malware infections aiming at stealing money via online access to bank accounts. Were detected 291,887 new malicious mobile programs.

On November 14, 2014, security researchers from Kaspersky Lab warned LinkedIn about a security issue that could pose a major threat to its 360+ million users.

The day before yesterday was an important day for the information security industry. Investigators announced exploitation of the first ever 0-day vulnerability for cars. The wireless attack was demonstrated on a Jeep Cherokee.

Microsoft releases a long list of updates to multiple technologies today with 14 Security Bulletins (MS15-058, MS15-065 – MS15-077) patching 58 vulnerabilities, and at least 47 of them reported through a a responsible disclosure channel.

A powerful threat actor known as “Wild Neutron” has been active since at least 2011, infecting high profile companies for several years by using a combination of exploits, watering holes and multi-platform malware.

The past Saturday we had the privilege of participating in this year’s edition of “Nuit du Hack”, a French security conference.

Microsoft releases eight security bulletins today, updating a set of forty five software vulnerabilities. This month’s updates touch a smaller set of Microsoft software, but two of the Bulletins address kernel-level vulnerabilities and require a restart.

Police departments have been surveilling citizens for years with the help of security cameras set up throughout various cities. For hackers, being able to launch man-in-the-middle attacks on the video data is a short step away from replacing real video feeds with pre-recorded footage.

The security flaws of the OAuth protocol have been known for quite a while. However, this is the first time we have come across a phishing email used by fraudsters to put these techniques into practice.

For over half a decade, the Naikon APT waged multiple attack campaigns on sensitive targets throughout South-eastern Asia and around the South China Sea.

The Naikon APT was one of the most active APTs in Asia. The attackers targeted mainly top-level government agencies and civil and military organizations in countries such as the Philippines, Malaysia, Cambodia, Indonesia, Vietnam, Myanmar, Singapore, Nepal, Thailand, Laos and China. For years they have mined victims, apparently in search of geo-political intelligence.