Additional Information on Gauss and Flame Leads to Different Conclusion
UPDATE: In our post earlier today, we concluded that there was some sort of relationship between the Gauss and Flame malware actors based on observing CnC communication going to the Flame CnC IP...
Zero-Day Season is Not Over Yet
A new Java zero-day vulnerability has been spotted in the wild. We have seen this unpatched exploit being used in limited targeted attacks. Most of the recent Java run-time environments i.e., JRE 1.7x...
Java Zero-Day – First Outbreak
A few days ago I talked about the existence of a new Java zero-day flaw (CVE-2012-4681). Soon after the publication of my blog, the white-hats kicked in and there was proof-of-concept (PoC) code ready...
Analysis of Malware Page
Target and Delivery Method: Malware Page employs the vulnerability in PDFs and has been seen to be delivered via email. Agenda_Web_(8-24-12).pdf is one of the names this malicious sample uses. Per our...
Looking Forward to Windows 8: A Look Back at Windows Security
With the release of Windows 8 scheduled for October 26, Windows security is on our mind. Windows is one of the most widely used operating systems in the world, making it a lucrative target for exploit...
CFR Watering Hole Attack Details
[Updated on December 30, 2012] On December 27, we received reports that the Council on Foreign Relations (CFR) website was compromised and hosting malicious content on or around 2:00 PM EST on...
The Number of the Beast
Yesterday, we sent out a warning regarding the PDF zero-day we found being exploited in the wild. Adobe has released a security advisory with mitigations. Here are more details about the attack. The...
YAJ0: Yet Another Java Zero-Day
Through our Malware Protection Cloud (MPC), we detected a brand new Java zero-day vulnerability that was used to attack multiple customers. Specifically, we observed successful exploitation against...
IE Zero Day is Used in DoL Watering Hole Attack
Similar to what we found before in a series of watering hole attacks, targeting CFR and Chinese Dissidents, zero-day and just patched vulnerabilities were used. In the latest watering hole attack...
New IE Zero-Day Found in Watering Hole Attack
FireEye Labs has identified a new Internet Explorer (IE) zero-day exploit hosted on a breached website based in the U.S. It’s a brand new zero-day that targets IE 10 users visiting the compromised...
Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars...
On February 11, FireEye identified a zero-day exploit (CVE-2014-0322) being served up from the U.S. Veterans of Foreign Wars’ website (vfw[.]org). We believe the attack is a strategic Web compromise...
Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised,...
Less than a week after uncovering Operation SnowMan, the FireEye Dynamic Threat Intelligence cloud has identified another targeted attack campaign — this one exploiting a zero-day vulnerability in...
New Zero-Day Exploit Targeting Internet Explorer Versions 9 through 11...
Summary: FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks. The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through...