Multiple Targeted Attacks Against US Media Giants Originated from China
On late January it was revealed that Chinese hackers had been infiltrating the Ney York Times systems since October 2012. During those attacks, multiple email accounts were compromised. According to an...
View ArticleZero-Day Vulnerability in Adobe Products Exploited in the Wild – Successfully...
On February 12, the security company FireEye exposed an in-the-wild PDF exploiting a zero-day vulnerability in Adobe Acrobat and Adobe Reader. Adobe confirmed the publication, and added that the...
View ArticleMandiant Report Exposes “APT1″– China’s Cyber Espionage Unit
Despite the constant progression in both technological investigation measures and legislation on the field of cyber-attacks, the source of the most advanced persisted attacks usually remains...
View ArticleSouth Korea under Attack; 32,000 Computer were Compromised
According to Reuters news, a massive attack directed towards South Korea had paralyzed major institutions from the communication and financial sectors. The victims of the attack are Shinhan Bank and...
View ArticleUS Drones Industry is Targeted by Chinese Hackers in a Massive Campaign
A series of targeted attacks directed towards defense, aerospace and telecommunication industries in the US and in India was recently revealed by FireEye labs. The attackers were targeting multiple...
View ArticleThe Pentagon Directly Accuses China of Multiple Espionage Campaigns
On May 3rd Bloomberg News published a detailed article revealing a three-year-long cyber attack against Qinetiq North America. Qinetiq is a UK-based defense technology company, providing a variety of...
View ArticleZero-Day Vulnerability Exploited in the Wild – Successfully Prevented by...
Earlier this month (May 3rd) Microsoft had published an advisory concerning a previously unknown vulnerability in Internet explorer 8. This vulnerability allows remote code execution in the context of...
View ArticleMicrosoft Security Update: 10 Bulletins Addressing 33 Vulnerabilities,...
Microsoft had released (May 14th) ten security bulletins (MS13-037 – MS13-046), addressing 33 vulnerabilities. Two of the bulletins are considered critical, and the rest are important. One of these...
View ArticleNetTraveler Espionage Campaign
NetTraveler is the name given to a new cyber espionage campaign disclosed by Kaspersky Labs, which infected more than 350 high profile victims in 40 countries and has been operating since 2009. The...
View ArticleCVE-2013-1331 – A Zero Day Disclosed
Microsoft issued its weekly patch update last Tuesday, June 11, 2013, disclosing five new vulnerabilities (one critical and four important). We would like to focus on one of the vulnerabilities that...
View ArticleCVE-2013-3163 – Internet Explorer Vulnerability Exploited in the Wild
During the last days, Microsoft has received reports regarding an Internet Explorer memory corruption vulnerability being exploited in the wild. The exploit leveraging this vulnerability...
View ArticleJava Exploit Used at Watering Hole Attack
A report published on August 12th by Kaspersky Labs, describes Java exploitation of CVE-2012-4681 in a watering hole attack, targeting systems in the US and China. The Central Tibetan Administration...
View ArticleTechCrunch: “Goodbye Firewall, Hello Obstruction”
TechCrunch, one of the most influential information technology online magazine, had published Cyvera’s recent 11 million second round funding. the publication stresses Cyver’a unique approach: “Most...
View ArticleUS Universities Under Cyber Attacks
In recent months we have witnessed repeating cyber attacks on US universities and research institutes. It is anything but surprising, considering these institutes’ natural role as knowledge breeders...
View ArticleClik here to view.
CVE-2013-3893 – Analysis of the New IE 0-Day
Recently, an exploit targeting a 0-day vulnerability in Internet Explorer has been spotted in the wild. This vulnerability exists in all versions of Internet Explorer, from IE 6 to IE 11, but the...
View ArticleAdobe Source Code Breach
Adobe is investigating a breach that includes stealing its source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and other Adobe products by an unauthorized third party. The breach also...
View ArticleIcefog Campaign
On September 25th, Kaspersky Labs released a report exposing a series of attacks related to a threat actor called ‘Icefog’. The attacks were conducted during the last three years. the victims were...
View ArticleClik here to view.
CVE-2013-3897 – Analysis of Yet Another IE 0-Day
While the security community is still discussing the Internet Explorer 0-day (CVE-2013-3893) that was used to perform targeted attacks in the Asia-Pacific region and was public for several weeks...
View ArticleClik here to view.
A Brief Analysis of Microsoft PatchGuard MSR Protection
In the course of implementing the next generation of kernel defenses here in Cyvera I found myself analyzing certain PatchGuard features in order to create defenses that enhance PatchGuard capabilities...
View ArticleEgobot Campaign
Symantec released a post disclosing a campaign dubbed ‘Egobot’ after its downloaded backdoor. Egobot is targeting Korean interests since 2009 by attacking executives working for Korean companies and...
View Article
