9 matches found
A Closer Look at APT Group Sofacy’s Latest Targets
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang. Research shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti...
Sofacy APT Adopts New Tactics and Far East Targets
CANCUN, Mexico – A new analysis of the Russian-speaking Sofacy APT gang shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti. Researchers at Kaspersky Lab this morning at its Security Analyst Summit, released their updat...
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...
CVE-2011-4959
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2011-4959
CVE-2011-4959 affects SilverStripe: SQL injection in the addslashes method for SilverStripe 2.3.x < 2.3.12 and 2.4.x
CVE-2011-4959
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Targeted attack: experience from the trenches
Targeted attack: experience from the trenches Published: 2006-05-19, Last Updated: 2006-05-19 17:36:01 UTC by Chris Carboni Version: 2click to highlight changes Learning lessons from incidents is a very important part of incident handling. Yet with targeted attacks it is very hard as you need to...
CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 are affected by CVE-2000-1090, where a malformed URL employing the lead-byte of a double-byte character allows remote attackers to read source code of parsed pages. The root cause is improper handling of lead-byte in double-byte character sequences ...