14 matches found
Meet SockDetour fileless backdoor targeting U.S. Defense contractors
By Deeba Ahmed Researchers suspect that the SockDetour backdoor is used in attacks carried out by an APT advanced persistent threat… This is a post from HackRead.com Read the original post: Meet SockDetour fileless backdoor targeting U.S. Defense contractors...
New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. "SockDetour is a backdoor that is designed to...
Russian state-sponsored cyber actors targeting U.S. critical infrastructure
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here In a joint cybersecurity advisory, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA revealed that Russian state-sponsored threat actors target...
Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit
Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center MSTIC attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on...
FormBook Malware Targets U.S. Defense Contractors, Aerospace and Manufacturing Sectors
Attackers spreading new malware called FormBook are singling out aerospace firms, defense contractors and some manufacturing organizations in the United States and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting the U....
Hack the Pentagon: Hackers find over 100 Bugs in U.S. Defense Systems
The "Hack the Pentagon" bug bounty program by the United States Department of Defense DoD has been successful with more than 100 vulnerabilities uncovered by white hat hackers in Pentagon infrastructure. In March, the Defense Department launched what it calls "the first cyber Bug Bounty Program i...
Chinese Hackers Compromised Forbes.com Using IE, Flash Zero Days
A Chinese APT group was able to chain together two zero day vulnerabilities, one against Adobe’s Flash Player and one against Microsoft’s Internet Explorer 9, to compromise a popular news site late last year. The group’s aim was to gain access to computers at several U.S. defense and financial...
Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year
Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found. The Senate...
Latest Internet Explorer zero-day linked to Elderwood Project
Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible f...
Latest Internet Explorer zero-day linked to Elderwood Project
Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible f...
Hackers broke into Lockheed Martin networks & U.S. defense contractors !
Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys...
Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ?
Exclusive Report : Is Department of Defense DoD, Pentagon, NASA, NSA is Secure ? Over the past couple of weeks there has been a series of discussions around why the U.S defense and Intelligence agencies are moving so quickly to adopt cloud computing. Are there any Security Holes in their Security...
U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) privilege escalation
Application executes all executables with predefined names found in system...
Q&A: Bruce Schneier
CNet’s Elinor Mills has produced an interesting Q&A interview with security guru Bruce Schneier where the cryptographer pokes fun at the National Cyber Security Month, talks about his background in crypto and working for the U.S. Defense Department, and says he fears privacy invasion more from...