Zero Day - Exploits...
Scooped by The Historical Cyber Consortium

Apple zero-day vulnerability fully compromises your devices | ZDNet

The severe and previously unknown flaw circumvents Apple's stringent security features to compromise devices.

Compromised WordPress sites launch drive-by attacks off Pirate Bay clone

This Pirate Bay clone is actively pushing the Nuclear exploit kit with an iframe and will infect vulnerable visitors via drive-by download attacks. We've also detected several WordPress sites injected with the same iframe.

Yeti still Crouching in the Forest - Securelist

Last July, we published details on Crouching Yeti (aka Energetic Bear), an advanced threat actor involved in several APT campaigns.
Rescooped by The Historical Cyber Consortium from Cyber Security Health Care

Beware the militarization of cyberspace

In recent months numerous hacking campaigns have been uncovered by security firms.

Via Institute for Critical Infrastructure Technology
Institute for Critical Infrastructure Technology's curator insight, December 18, 2014 6:18 PM

In recent months numerous hacking campaigns have been uncovered by security firms. In many cases, they have been attributed to state-sponsored hackers.

Groups of hackers belonging to cyber units of several governments used sophisticated malicious code and hacking platforms to compromise computer networks worldwide. Private companies, government entities, critical infrastructure and citizens are all potential targets.

The overall activities of government entities in cyberspace are generally described as the “militarization of the cyberspace.” Governments are investing significant resources to improve their cyber capabilities, creating ‘cyberarmies’ to defend attacks from cyber space.

The debate about cyber weapons intensified after the discovery of the Stuxnet malware in 2010. Stuxnet was used by western entities to interfere with the Iranian nuclear program by sabotaging the centrifuges at the Natanz nuclear plant. A few months after the detection of Stuxnet, other malware was discovered - Flame and Duqu are two other high-profile cyber espionage tools that were used by state-sponsored actors.

Even when state-sponsored malware is discovered by security firms, the vulnerabilities it exploits are targeted by attackers for a long time, causing serious damage to unpatched systems. Consider the Stuxnet virus - its code exploited the Windows Shell in Microsoft Windows XP systems, coded as CVE-2010-2568 and patched four years ago. Unfortunately, the vulnerability is still being used in cyberattacks targeting millions of computers worldwide.

Malware researchers at Kaspersky Lab discovered that between November 2013 and June 2014, the same Windows Shell vulnerability was exploited 50 million times in attacks against nearly 19 million machines all over the world.

In late 2013 Kaspersky Lab’s Global Research & Analysis Team started a new investigation after several attacks hit the computer networks of various diplomatic service agencies. The attacks were part of a large-scale cyber-espionage operation dubbed “Red October,” inspired by the famous novel and movie “The Hunt For Red October”. The campaign acquired sensitive information from diplomatic, governmental and scientific research organizations in many countries, spanning Eastern Europe, the former USSR and Central Asia. 

The malware and control infrastructure used in the attacks was highly sophisticated, which may indicate government involvement. 

In March 2014 researchers at BAE Systems Applied Intelligence unearthed a cyber espionage campaign codenamed “Snake” that targeted governments and military networks. “Snake” had remained undetected for at least eight years.

Many other campaigns have been attributed to state-sponsored hackers. These are typically characterized by the nature of the targets, the level of sophistication and the duration of the attacks, which often take years to discover.

The U.S., Israel, Russia and China are considered the most advanced countries in cyber space, with their experts able to develop malware that could hit foreign networks and exfiltrate data in a covert way. They can also manage hacking campaigns that compromise their opponents’ infrastructures.

In many cases governments run operations concurrently with conventional attacks. Covert cyberattacks, for example, were blamed on Russia during its 2008 war with Georgia. The finger of suspicion was also pointed at Moscow over cyber offensives during the recent crisis in the Crimean peninsula.

European governments are also investing in malware development. Malicious code R2D2 (also known as “0zapftis” or “Bundestrojaner”) is an example of efforts by the German police and customs officials to spy on users and exfiltrate data from their PCs. 

In March Mikko Hyppönen, chief research officer of security specialist F-Secure, told the TrustyCon conference in San Francisco that almost every government is making an effort to improve its cyber capabilities.

Most of the hacking campaigns conducted by governments make use of highly sophisticated malware to compromise their targets - in many cases the code is designed to exploit zero-day vulnerabilities in the target’s infrastructure.

This malware, however, could easily go out of control. In another scenario, a “threat actor” could reverse engineer the source code and spread it “in the wild.” Cyber criminals, cyber terrorists and state sponsored hackers could enhance the malware and hit targets in an unpredictable way, making it difficult to identify the attack’s source.

The availability of government-built malware is also having a significant impact on the criminal underground - the main customers for zero-day exploits and malware coding services are governments. Some security experts, for example, believe that two different Ukraine-based malware factories were behind Stuxnet’s coding, acting like “sub-contractors” for the U.S. and Israeli Governments.

What is the role of security companies in the militarization of cyber space?

Some experts have argued that computer security companies may not prevent the spread of government-built malware in exchange for government favors.

The suspicion that security firms have “whitelisted” state-sponsored malware is certainly disconcerting - a policy like this would represent a serious menace to the overall Internet community. It also opens the door to a scary scenario in which a cyber weapon could run out of control.

Similar to nuclear armaments, the use of state-sponsored malware needs to be regulated by a legal framework and accepted on a global scale, establishing the rules of engagement.

Be aware, however - we are all nodes of a global network, and whoever controls this network will control the world. Governments will continue to focus their research on the development of new cyber weapons, including sophisticated malware that in the wrong hands, could be a dangerous menace.


Timeline of Sandworm Attacks | Security Intelligence Blog | Trend Micro

What can we learn from the timeline of Sandworm attacks?

SA-CORE-2014-005 - Drupal core - SQL injection | Drupal.org

Advisory ID: DRUPAL-SA-CORE-2014-005
Project: Drupal core
Version: 7.x
Date: 2014-Oct-15
Security risk: 20/25 (Highly Critical) AC:Basic/A:None/CI:All/II:All/E:Theoretical/TD:All
Vulnerability: SQL Injection

Microsoft updates Windows, IE, Office in busy Patch Tuesday - ZDNet

A total of 24 vulnerabilities, many severe and a few being exploited in the wild, have been revealed and patched.

New Bitcoin mining trojan spreading via Facebook in Portugal, Belgium, India, Romania, Serbia and other countries » TechWorm

A new Bitcoin mining trojan is spreading like wildfire through Facebook private messages. The Trojan which masquerades as a zip file contain .JPG im

BadUSB Can Turn Thumb Drives Into Cyberweapons

The code for BadUSB, a USB security exploit that allows attackers to turn a normal USB device into a malicious one, has been released to the public.

Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit - Malware Analysis / Ανάλυση Κακόβουλου Λογισμικού

Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit - published in Malware Analysis / Ανάλυση Κακόβουλου Λογισμικού: This four part article series is a complete step-by-step tutorial on how to reverse engineer the...

Video tutorial: What is Conficker?

Learn more about the history of this unusually successful malware
Rescooped by The Historical Cyber Consortium from Botnets

Researchers say Conficker is all about the money - CNET

Conficker's ties to a large spamming and password-stealing botnet give credence to the speculation that money, and possibly malicious Eastern European hackers, are behind the latest Internet worm infection.
The Historical Cyber Consortium's insight:

From 2009, but...


Unmasking Google Users With a New Timing Attack

Unmasking Google Users With a New Timing Attack (An attacker could even use this attack in spear phishing campaigns or even could unmask the identity of Tor users http://t.co/g2DZZQLgIG)...

Here's How Hackers Stole $80 Million from Bangladesh Bank

The recent cyber attack on Bangladesh's central bank that let hackers steal over $80 Million from the institutes' Federal Reserve bank account was reportedly caused due to the Malware installed on the Bank's computer systems.

Major malvertising campaign spreads Kovter Ad Fraud malware

Cyber criminals are wreaking havoc on unpatched computers with this latest and the largest malvertising campaign in 2015 so far.

Details Surface on Stuxnet Patch Bypass | Threatpost | The first stop for security news

HP's Zero Day Initiative published details of a bypass for a five-year-old Windows patch for the .LNK vulnerability exploited by Stuxnet.

Flash Pack Exploit Leads to New Family of Malware | Security Intelligence Blog | Trend Micro

The FlashPack exploit kit is being used to deliver a new malware family to users.

Operation CloudyOmega: Ichitaro zero-day and ongoing cyberespionage campaign targeting Japan

The campaign was launched by an attack group that has communication channels with other notorious attack groups including Hidden Lynx and the group responsible for LadyBoyle.

SQL injection flaw opens Drupal sites to attack | ZDNet

The Drupal 7 core is vulnerable to a "Highly Critical" SQL injection bug that could allow an attacker to compromise the site.

iSIGHT discovers zero-day vulnerability CVE-2014-4114 used in Russian cyber-espionage campaign - iSIGHT Partners

Zero-day impacting all versions of Microsoft Windows – used in Russian cyber-espionage campaign targeting NATO, European Union, Telecommunications and Energy sectors
On Tuesday, October 14, 2014, iSIGHT Partners – in close collaboration with Microsoft – announced the discovery of a zero-day vulnerability impacting all supported versions of Microsoft Windows …
Rescooped by The Historical Cyber Consortium from Business - Emerging Technologies - Movers & Shakers

Eight potential tech threats of the future - Economic Times

Stuxnet was a worm that targeted specific machines in the nuclear facilities of Iran.

Romanian hackers exploited Bash Bug to hack Yahoo servers

The security expert Jonathan Hall found evidence that a gang of Romanian Hackers exploited the Bash Bug flaw to hack Yahoo servers.

Conficker Most Reported Security Threat in 2014 So Far

Conficker Most Reported Security Threat in 2014. F-Secure finds six-year-old worm persists thanks to unpatched systems

Another Major Vulnerability Bashes Systems

Vulnerabilities that permit remote network attacks against ubiquitous software components are the nightmares of security professionals.