634 matches found
Red October Attackers Return With CloudAtlas APT Campaign
The attackers behind the Red October APT campaign that was exposed nearly two years ago have resurfaced with a new campaign that is targeting some of the same victims and using similarly constructed tools and spear phishing emails. Red October emerged in January 2013 and researchers found that th...
DoubleDirect man-in-the-middle attack aimed at Android and iOS systems - vulnerability warning - the black bar safety net
A security researcher found a new man-in-the-middle attack technique that mostly targets smartphones and tablets running Android and iOS. The technique, called DoubleDirect, is a type of man-in-the-middle (MITM) attack. An attacker can use this technique to put the victim to visit...
Most Targeted Attacks Exploit Privileged Accounts
We all like to write and talk about flashy zero-day vulnerabilities. However, a new threat report cautions enterprises not to flatter themselves, because the majority of criminals are not using valuable zero-day exploits to penetrate corporate networks: they’re phishing privileged account...
Microsoft Releases Emergency Out-of-Band Patch for Kerberos Bug MS14-068
Microsoft today released an "out-of-band" security update to fix a critical vulnerability in all supported versions of its Windows Server software that cyber criminals are exploiting to compromise whole networks of computers. The Emergency patch release comes just one week after Microsoft provid...
Microsoft to Release Critical Out-of-Band Windows Patch
UPDATE–Microsoft on Tuesday released a rare out-of-band patch for a critical vulnerability in several versions of Windows and Windows Server, including Windows 8 and 8.1. The MS14-068 vulnerability is a flaw in the Kerberos implementation in Windows that could enable an attacker to elevate his...
OnionDuke APT Malware served through Tor Network
The malicious Russian Tor exit node, which was claimed to be patching binary files, is actually distributing a malware program to launch cyber-espionage attacks against European government agencies. The group behind the rogue Tor exit node had likely been infecting files for more than a year,...
OpenShift: /proc/net/tcp information disclosure
It was found that OpenShift Enterprise did not restrict access to the /proc/net/tcp file in gears, which allowed local users to view all listening connections and connected sockets. This could result in a remote system's IP or port numbers in use being exposed, which may be useful for further...
Destructive BlackEnergy Malware Plug-Ins Target Cisco Routers
BlackEnergy, a converted crimeware tool, operates behind a laundry list of plug-ins for Linux and Windows systems that allows it to be used to attack Cisco networking devices, steal digital certificates, brick systems it infects, and skillfully hide from security analysts. Researchers from...
Attackers Exploiting Windows OLE Vulnerability
Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks. The flaw is in the OLE technology in Windows and can be used for remote code execution if a targeted user opens a rigged Office file. Microsoft is warning customers that there...
Firms Detail Zero Days Targeting Windows Kernel
After they were patched in yesterday’s round of Patch Tuesday security bulletins, security firms have begun to peel back the layers on two zero-day vulnerabilities that are being used in limited, targeted attacks against Microsoft’s Windows Kernel. According to FireEye, one of the firms that...
Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild
As part of its monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been...
New Timing Attack Could De-Anonymize Google Users
A new timing attack has been disclosed that could de-anonymize Google users under particular conditions. Google acknowledged the issue to researcher Andrew Cantino, the vice president of engineering at Mavenlink, but told him it would not address the issue because the risk is low. “I agree that...
Study: Uyghur Remain in Crosshairs of Targeted Attacks
It’s no secret that activist groups supporting the Uyghur and other ethnic minorities living either in exile or in oppressed nations have been in the crosshairs of targeted attacks for years. Regimes use phishing emails, other social engineering tactics, and drive-by downloads to infect computer...
Phishers Use Luis Suarez Bite as Bait
The World Cup is the most popular sporting event on the planet, and not just among sports fans; attackers and scammers of all stripes love it as well, as it presents a unique opportunity to separate victims from their money. Phishing and malware scams tied to the World Cup in Brazil have been...
Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI...
openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)
The Adobe Flash Player was updated to 10.2.153.1, fixing several bugs and one security issue. This vulnerability CVE-2011-0609 could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild...
openSUSE Security Update : flash-player (openSUSE-SU-2012:0265-1)
flash-player was updated to the security update to 11.1.102.62. It fixes lots of security issues, some already exploited in the wild. Details can be found on: https://www.adobe.com/support/security/bulletins/apsb12-03.html These vulnerabilities could cause a crash and potentially allow an attack...
Microsoft Working on Patch for IE 8 Zero Day
UPDATE–Microsoft officials say they’re well aware of the Internet Explorer 8 zero day disclosed Wednesday by the Zero Day Initiative and have been working on a fix for it. However, there’s no stated timeline for releasing that patch. The vulnerability in IE 8 is a use-after-free bug in the way th...
Security Update Released to Address Recent Internet Explorer Vulnerability
Today, we released a security update to address the Internet Explorer IE vulnerability first described in Security Advisory 2963983. This security update addresses every version of Internet Explorer. While we’ve seen only a limited number of targeted attacks, customers are advised to install this...
Flash Zero Day Used to Target Victims in Syria
A couple days after Microsoft warned users about a new vulnerability in Internet Explorer that’s being used in targeted attacks, Adobe on Monday said that researchers have discovered a zero day in Flash, as well, which attackers are using to target victims in Syria through a watering hole attack ...