Tag Archives: Targeted Attacks

A Strange Coincidence

After the revelation of the Chinese attack against the Gray Lady, other U.S. media companies have admitted to having been targeted by (probably state-sponsored) Chinese hackers in 2012. Immediately after the NYT, the Wall Street Journal also revealed that it had been infiltrated, and similar rumors have emerged about Bloomberg and the Washington Post in what appears to be a systematic hostile campaign.


The White House and The Red Dragon


Not a day goes by without a new high-profile cyber attack. The latest victim is the White House, which has confirmed that it was targeted by an unsuccessful spear phishing campaign.

According to officials, hackers linked to China’s government tried to break into the computer network used by the White House Military Office (WHMO), the president’s military office in charge of some of the U.S. government’s most sensitive communications, including strategic nuclear commands. The network is considered one of the U.S. government’s most sensitive, since the WHMO uses it for nuclear commands. The secrets behind the WHMO include data on the so-called “nuclear football,” the nuclear command and control suitcase that keeps the president in constant communication with the strategic nuclear forces commanders who would launch nuclear missiles or bombers.


Consumer AVs And Exploit Prevention

Targeted attacks exploiting endpoint vulnerabilities are becoming more and more common and increasingly aggressive.

For this reason I could not help but notice the latest report from NSS Labs on the ability of 13 consumer-grade AV products to protect against two critical Microsoft vulnerabilities (CVE-2012-1875 and CVE-2012-1889). Successful exploitation of these critical vulnerabilities could result in arbitrary remote code execution by the attacker, with very harmful consequences for the victim, such as, for instance, becoming part of a botnet. Unfortunately, this is a very common scenario in these troubled days.
