Security Alerts & News
by Tymoteusz A. Góral

#1295 IT threat evolution in Q2 2016, overview (PDF)
In recent months we have been tracking a wave of cyber-espionage attacks conducted by different APT groups across the Asia-Pacific and Far East regions. They all share one common feature: they exploit the CVE-2015-2545 vulnerability. This flaw enables an attacker to execute arbitrary code using a specially crafted EPS image file. The exploit uses PostScript and can evade the Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) protection methods built into Windows. The Platinum, APT16, EvilPost and SPIVY groups were already known to use this exploit. More recently, it has also been used by the Danti group.
#1296 Undocumented SNMP string exposes Rockwell PLCs to remote attacks
#1295 IT threat evolution in Q2 2016, overview (PDF)
#1294 Can IoT be the new frontier for cyber extortion?
#1293 Nonce-disrespecting adversaries: practical forgery attacks on GCM in TLS (PDF)
#1292 Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open