“Further analysis by iSIGHT Partners revealed that the exploit employed an additional 0-day bypass mitigation vulnerability in Internet Explorer (CVE-2015-0071), when needed, in order to bypass Address Space Layout Randomization (ASLR) protections available in IE version 9+.”īoth of these vulnerabilities have been patched – the Flash 0-day on December 9, 2014, and the IE one this Tuesday.
Our analysis concluded that this widget was compromised using a Flash 0-day exploit to gain control of unsuspecting users’ machines within targeted firms.” “The attack was executed against specific targets by compromising the Thought of the Day (ToTD) Adobe Flash widget that appears initially whenever anyone visits any page or article. That attack was detected and thwarted by Invincea’s Advanced Threat Protection endpoint product, FreeSpace, even as the attack evaded several layers of network defenses at the company and in spite of the attack employing 0-day exploits,” Invincea researchers explained. “In late November 2014, a United States Defense Industrial Base company encountered an intrusion attempt while visiting the website. The compromise lasted from 28 November to 1 December, 2014, and according to both iSight Partners and Invincea researchers, the targeted visitors were those working for US defense contractors and financial services companies. – the 61st most popular website in the US according to Alexa – has been compromised to redirect certain visitors to websites delivering espionage malware.
0 kommentar(er)
