Results for cyber espionage

Threat Research

Multi-COM Loading Methods Used In Targeted Attack

Introduction Last month, iSightPartners revealed a Microsoft Office zero-day leveraged in a targeted attack by a Russian cyber espionage team. This vulnerability has been patched in Microsoft bulletin MS15-070. CVE-2015-2424 was assigned to this vulnerability. In this blog post, we will discuss the nature of the vulnerability to give some insights to other researchers for understanding and detecting this specific Word vulnerability. Multi-directory entries chaining We first extracted the embedded objects inside the exploit document...

By Wayne Chin Yick LowSeptember 01, 2015

By Stefanie HoffmanJuly 05, 2014