Attack and IE 0day Informations Used Against Council on Foreign Relations
Council on Foreign Relations (CFR.org), a foreign policy web group, has been victim of a targeted attack who seem to be linked to computer hackers traced to China. Regarding information’s posted on the...
View ArticleMicrosoft Release Security Advisory MSA-2794220 for CFE Internet Explorer 0day
Microsoft has release a security advisory MSA-2794220 for the Internet Explorer 0day used against Council on Foreign Relations (CFR.org) “drive-by” attack. This attack was reported the 28 December by...
View ArticleMicrosoft Internet Explorer CButton Vulnerability Metasploit Demo
Timeline : CVE reference assigned the 2012-09-06 First samples of the attack discovered in Google cache the 2012-12-07 Vulnerability discovered exploited in the wild on CFE.org around the 2012-12-26...
View ArticleCapstone Turbine Corporation Also Targeted in the CFR Watering Hole Attack...
Since the release of MSA-2794220 by Microsoft, regarding the CVE-2012-4792 vulnerability, a Fix-it solution has been provided KB2794220. I urgently advise you to apply this Fix-it solution, or to use...
View ArticleChinese Uygur Minority Also Targeted in the CFR Watering Hole Attack And More
In my last blog post I reported you that the watering hole attack, involving an Internet Explorer 0day, was not limited to CFR.org, but also to energy manufacturer Capstone Turbine Corp. I also...
View ArticleMicrosoft Out-Of-Band Patch for Internet Explorer CVE-2012-4792 Vulnerability
Microsoft, announcing in an Advanced Notification, will release, this Monday at 10 a.m. PST, an out-of-band security update to address vulnerability CVE-2012-4792, who was actively exploited in the...
View ArticleMS13-008 Patch Internet Explorer CVE-2012-4792 0day Vulnerability
As announced yesterday, in an advanced notification, Microsoft has release an out-of-band patch MS13-008 to fix the an Internet Explorer 0day , CVE-2012-4792, discovered exploited in targeted attacks...
View ArticleWatering Hole Campaign Use Latest Java and IE Vulnerabilities
Through a collaboration with (Jindrich Kubec (@Jindroush), Director of Threat Intelligence at avast! / Eric Romang (@eromang), independent security researcher), we can confirm that the watering hole...
View ArticleDepartment of Labor Watering Hole Campaign Review
On April 30th, the watering hole campaign was published on a private mailing list and the May 1st, Invicia and AlienVault publicly reported, with technical details, that United States Department of...
View Article
More Pages to Explore .....