Security Alerts & News
by Tymoteusz A. Góral

History
#826 APT groups finding success with patched Microsoft flaw
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East.

Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code execution vulnerability where an attacker crafts an EPS image file embedded in an Office document designed to bypass memory protections on Windows systems.

Exploits have been used primarily to gain an initial foothold on targeted systems. Those targets are largely government and diplomatic agencies and individuals in India and Asia, as well as satellite offices of those agencies in Europe and elsewhere.

The Office flaw was patched in September in MS15-099 and updated again in November. Yet APT groups seem to be capitalizing on lax patching inside these high-profile organizations to carry out espionage. Some criminal organizations have also made use of exploits against this particular flaw, in particular against financial organizations in Asia, Kaspersky researchers said in their report.
Read more
#828 Wekby APT gang using DNS tunneling for command and control
#827 Skimmers found at Walmart: a closer Look
#826 APT groups finding success with patched Microsoft flaw
#825 Major DNS (NS1) provider hit by mysterious, focused DDoS attack
#824 Scary and fascinating: The future of big data
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12