Cyber Security. Weekly Review June 10 - June 16, 2013
We present an analytical report on current cyber-threats and news, which is weekly prepared by our company employees.
The main objectives of the report are to increase the awareness of specialists about current technologies and trends in cyber threats and offer recommendations on prioritizing operational tasks of information protection.
The report will be useful in and recommended for study by specialists and information security managers, system administrators, engineers, as well as all professionals who should always be aware of the main trends in cyber security.
')
Over the past week published information about closing a variety of vulnerabilities. The most rapid update is required for Microsoft products: an exploit for one of the published vulnerabilities in Microsoft Office has been used in targeted attacks since February 2013.
The most critical vulnerabilities are remote execution of arbitrary code in Microsoft Office 2003 SP3 and Office 2011 for Mac, in most popular browsers (Microsoft Internet Explorer, Mozilla Firefox, Google Chrome), and also in Adobe Flash; privilege elevation in Microsoft Windows major versions and Linux OS.
Published in open access 2 exploit - remote code execution for Microsoft Internet Explorer 6-10 and privilege elevation in Linux.
In the statistics of mass and targeted attacks, an exploit was discovered for the aforementioned vulnerability in Microsoft Office, while in small numbers.
The materials for technical specialists include materials on mobile platforms, including Android malware analysis and data acquisition from iOS, analysis of a number of Trojans and rootkits, as well as an article about hacking methods for unmanned aerial devices.
In the news - new statements by Edward Snowden, a former NSA employee, phishing attacks from Iranian hackers, the possibility of monetizing a hacked email account and the original way of recruiting staff from botnet owners based on Zeus.
The full version of the report is available at the link in PDF format.
Voldokhin , dukebarman and alisaesage took part in the preparation of the report.
The main objectives of the report are to increase the awareness of specialists about current technologies and trends in cyber threats and offer recommendations on prioritizing operational tasks of information protection.
The report will be useful in and recommended for study by specialists and information security managers, system administrators, engineers, as well as all professionals who should always be aware of the main trends in cyber security.
')
Summary
Over the past week published information about closing a variety of vulnerabilities. The most rapid update is required for Microsoft products: an exploit for one of the published vulnerabilities in Microsoft Office has been used in targeted attacks since February 2013.
The most critical vulnerabilities are remote execution of arbitrary code in Microsoft Office 2003 SP3 and Office 2011 for Mac, in most popular browsers (Microsoft Internet Explorer, Mozilla Firefox, Google Chrome), and also in Adobe Flash; privilege elevation in Microsoft Windows major versions and Linux OS.
Published in open access 2 exploit - remote code execution for Microsoft Internet Explorer 6-10 and privilege elevation in Linux.
In the statistics of mass and targeted attacks, an exploit was discovered for the aforementioned vulnerability in Microsoft Office, while in small numbers.
The materials for technical specialists include materials on mobile platforms, including Android malware analysis and data acquisition from iOS, analysis of a number of Trojans and rootkits, as well as an article about hacking methods for unmanned aerial devices.
In the news - new statements by Edward Snowden, a former NSA employee, phishing attacks from Iranian hackers, the possibility of monetizing a hacked email account and the original way of recruiting staff from botnet owners based on Zeus.
The full version of the report is available at the link in PDF format.
Voldokhin , dukebarman and alisaesage took part in the preparation of the report.
Source: https://habr.com/ru/post/184152/
All Articles