Attack and IE 0day Informations Used Against Council on Foreign Relations
Council on Foreign Relations (CFR.org), a foreign policy web group, has been victim of a targeted attack who seem to be linked to computer hackers traced to China. Regarding information’s posted on the...
View ArticleMicrosoft Release Security Advisory MSA-2794220 for CFE Internet Explorer 0day
Microsoft has release a security advisory MSA-2794220 for the Internet Explorer 0day used against Council on Foreign Relations (CFR.org) “drive-by” attack. This attack was reported the 28 December by...
View ArticleMicrosoft Internet Explorer CButton Vulnerability Metasploit Demo
Timeline : CVE reference assigned the 2012-09-06 First samples of the attack discovered in Google cache the 2012-12-07 Vulnerability discovered exploited in the wild on CFE.org around the 2012-12-26...
View ArticleCapstone Turbine Corporation Also Targeted in the CFR Watering Hole Attack...
Since the release of MSA-2794220 by Microsoft, regarding the CVE-2012-4792 vulnerability, a Fix-it solution has been provided KB2794220. I urgently advise you to apply this Fix-it solution, or to use...
View ArticleChinese Uygur Minority Also Targeted in the CFR Watering Hole Attack And More
In my last blog post I reported you that the watering hole attack, involving an Internet Explorer 0day, was not limited to CFR.org, but also to energy manufacturer Capstone Turbine Corp. I also...
View ArticleMicrosoft Out-Of-Band Patch for Internet Explorer CVE-2012-4792 Vulnerability
Microsoft, announcing in an Advanced Notification, will release, this Monday at 10 a.m. PST, an out-of-band security update to address vulnerability CVE-2012-4792, who was actively exploited in the...
View ArticleMS13-008 Patch Internet Explorer CVE-2012-4792 0day Vulnerability
As announced yesterday, in an advanced notification, Microsoft has release an out-of-band patch MS13-008 to fix the an Internet Explorer 0day , CVE-2012-4792, discovered exploited in targeted attacks...
View ArticleWatering Hole Campaign Use Latest Java and IE Vulnerabilities
Through a collaboration with (Jindrich Kubec (@Jindroush), Director of Threat Intelligence at avast! / Eric Romang (@eromang), independent security researcher), we can confirm that the watering hole...
View ArticleReporters Without Borders Victim of Watering Hole Campaign
As mentioned by Jindrich on Twitter, it seems that the entity or entities behind the watering hole attacks don’t care to be caught or detected and it also seems that they don’t care if the Internet...
View ArticleA Deeper Look In CVE-2012-4792 Watering Hole Campaigns – Alljap Chapter
This post is a small part of an in-depth analysis of the watering hole campaign of December involving an Internet Explorer 0day. Jindrich Kubec and my self are working hard in order to synthesize all...
View ArticleGong Da Exploit Kit Add Java CVE-2013-1493 & IE CVE-2012-4792 & IE...
Like other Exploit Kits, Gong Da has add support for Oracle Java CVE-2013-1493 vulnerability, fixed in Oracle Java 6 Update 17, has also add support for Microsoft Internet Explorer CVE-2012-4969 and...
View ArticleDepartment of Labor Watering Hole Campaign Review
On April 30th, the watering hole campaign was published on a private mailing list and the May 1st, Invicia and AlienVault publicly reported, with technical details, that United States Department of...
View Article
More Pages to Explore .....