The year so far has been a particularly stressful one for enterprise IT staff. Early in the year, concerns over data breaches and point-of-sale (PoS) malware gave retailers something to worry about.
The long-simmering headache of Windows XP migration came to a head when support for the venerable OS ended in April. That would normally have been the security headline of the month, but a vulnerability in OpenSSL known as Heartbleed reared its less than welcome head.
All in all, then, IT ...
It is an interesting time to be in IT security today. PRISM and Edward Snowden taught many lessons about how companies should secure their data. There's been a lot of discussion about the surveillance aspect of this, but consider this whole affair from the side of the NSA.
To the NSA, this was a data breach of unprecedented proportions. All indications are that Snowden was able to exfiltrate a significant amount of classified data; what has been published so far represents ...
Microsoft has released a security bulletin announcing a zero-day vulnerability affecting Microsoft Word. Furthermore, the company states that there are “limited, targeted attacks directed at Microsoft Word 2010.” If exploited, this vulnerability (CVE-2014-1761) could allow a remote attacker to execute commands via specially crafted files and email messages.
Microsoft has also released preliminary details of the vulnerability and the exploit code. The vulnerability is exploited if a user opens an RTF file in Microsoft Word or previews or opens ...
Recently, a mass stabbing incident in Kunming, China left 29 victims dead. We came across an email which used this incident as social engineering bait. To appear legitimate, the message talks about the incident at length and cites several news outlets as its sources. It encourages the user to open the attached document for more information. The document is entitled “Violent terror attack,” probably named as such to pique the recipient’s interest.
Figure 1. Spammed message
The attached document is actually malicious, and ...
In the past few weeks, we have received several reports of targeted attacks that exploited various application vulnerabilities to infiltrate various organizations. Similar to the Safe Campaign, the campaigns we noted went seemingly unnoticed and under the radar. The attackers orchestrating the campaign we call the Siesta Campaign used multicomponent malware to target certain institutions that fall under the following industries:
Consumer goods and services
Media and telecommunications
Security and defense
Transport and traffic
Threat actors don’t always rely on complex attack vectors to infiltrate ...