Clik here to view.
Attack and IE 0day Informations Used Against Council on Foreign Relations
Council on Foreign Relations (CFR.org), a foreign policy web group, has been victim of a targeted attack who seem to be linked to computer hackers traced to China. Regarding information’s posted on the...
View ArticleClik here to view.
Microsoft Release Security Advisory MSA-2794220 for CFE Internet Explorer 0day
Microsoft has release a security advisory MSA-2794220 for the Internet Explorer 0day used against Council on Foreign Relations (CFR.org) “drive-by” attack. This attack was reported the 28 December by...
View ArticleMicrosoft Internet Explorer CButton Vulnerability Metasploit Demo
Timeline : CVE reference assigned the 2012-09-06 First samples of the attack discovered in Google cache the 2012-12-07 Vulnerability discovered exploited in the wild on CFE.org around the 2012-12-26...
View ArticleClik here to view.
Capstone Turbine Corporation Also Targeted in the CFR Watering Hole Attack...
Since the release of MSA-2794220 by Microsoft, regarding the CVE-2012-4792 vulnerability, a Fix-it solution has been provided KB2794220. I urgently advise you to apply this Fix-it solution, or to use...
View ArticleClik here to view.
Chinese Uygur Minority Also Targeted in the CFR Watering Hole Attack And More
In my last blog post I reported you that the watering hole attack, involving an Internet Explorer 0day, was not limited to CFR.org, but also to energy manufacturer Capstone Turbine Corp. I also...
View ArticleMicrosoft Out-Of-Band Patch for Internet Explorer CVE-2012-4792 Vulnerability
Microsoft, announcing in an Advanced Notification, will release, this Monday at 10 a.m. PST, an out-of-band security update to address vulnerability CVE-2012-4792, who was actively exploited in the...
View ArticleMS13-008 Patch Internet Explorer CVE-2012-4792 0day Vulnerability
As announced yesterday, in an advanced notification, Microsoft has release an out-of-band patch MS13-008 to fix the an Internet Explorer 0day , CVE-2012-4792, discovered exploited in targeted attacks...
View ArticleClik here to view.
Watering Hole Campaign Use Latest Java and IE Vulnerabilities
Through a collaboration with (Jindrich Kubec (@Jindroush), Director of Threat Intelligence at avast! / Eric Romang (@eromang), independent security researcher), we can confirm that the watering hole...
View ArticleClik here to view.
Department of Labor Watering Hole Campaign Review
On April 30th, the watering hole campaign was published on a private mailing list and the May 1st, Invicia and AlienVault publicly reported, with technical details, that United States Department of...
View Article
