Breaking News

LIAN LI Redefines Compact ATX Tower with the O11D MINI V2 TEAMGROUP Unveils DDR5 256GB (4×64GB) Ultra-Capacity Memory Kits Spire launches UD50C White PC chassis G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

 iSIGHT Discovers Windows Server Vulnerability Used in Russian Cyber-espionage Campaign

iSIGHT Discovers Windows Server Vulnerability Used in Russian Cyber-espionage Campaign

Enterprise & IT Oct 14,2014 0

Russian hackers exploited a bug in Microsoft Windows and Windows Server 2008 and 2012 software to spy on computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners. Microsoft is making a patch for this vulnerability available as part of patch updates on the 14th – CVE-2014-4114.

Visibility into this campaign indicates targeting across the following domains, according to iSIGHT:

  • NATO
  • Ukrainian government organizations
  • Western European government organization
  • Energy Sector firms (specifically in Poland)
  • European telecommunications firms
  • United States academic organization

iSIGHT attributed this particular cyber-espionage campaign to anintrusion team that iSIGHT has dubbed 'Sandworm Team' based on its use of encoded references to the classic science fiction series Dune in command and control URLs and various malware samples.

The team has been previously referred to as Quedach by F-Secure, which detailed elements of this campaign in September 2014 but only captured a small component of the activities and failed to detail the use of the zero-day vulnerability.

iSIGHT says the Sandworm Team’s activities started around 2009. The team prefers the use of spear-phishing with malicious document attachments to target victims. Many of the lures observed have been specific to the Ukrainian conflict with Russia and to broader geopolitical issues related to Russia. The team has recently used multiple exploit methods to trap its targets including the use of BlackEnergy crimeware, exploitation of as many as two known vulnerabilities simultaneously, and this newly observed Microsoft Windows zero-day.

In late August, while tracking the Sandworm Team, iSIGHT discovered a spear-phishing campaign targeting the Ukrainian government and at least one United States organization. Notably, these spear-phishing attacks coincided with the NATO summit on Ukraine held in Wales.

On September 3rd, the spear-phishing attacks relied on the exploitation of a zero-day vulnerability impacting all supported versions of Microsoft Windows (XP is not impacted) and Windows Server 2008 and 2012. A weaponized PowerPoint document was observed in these attacks.

Tags: Hacking
Previous Post
Google Expands Shopping Service
Next Post
Alleged Dropbox Passwords Leaked Online

Related Posts

  • MSI has been hacked, be warned about where you download files

  • Hackers gain access to PS5 Debug Menu and show decrypted PS5 firmware files

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • EA Gets hacked - 780GB of data and sourcecode stolen

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

  • Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

  • Zoom Users' Data have Been on Sale on Dark Web: report

  • Indonesia's Tokopedia Inverstigates Alleged Data Leak of 91 Million Users

Latest News

LIAN LI Redefines Compact ATX Tower with the O11D MINI V2
Cooling Systems

LIAN LI Redefines Compact ATX Tower with the O11D MINI V2

TEAMGROUP Unveils DDR5 256GB (4×64GB) Ultra-Capacity Memory Kits
PC components

TEAMGROUP Unveils DDR5 256GB (4×64GB) Ultra-Capacity Memory Kits

Spire launches UD50C White PC chassis
Cooling Systems

Spire launches UD50C White PC chassis

G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations
PC components

G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations

ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile
GPUs

ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

be quiet! Pure Base 501

be quiet! Pure Base 501

Terramaster F8-SSD

Terramaster F8-SSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed