Sednit: Hacker group exploits vulnerabilities in Microsoft products

The hacker group Sednit was recently back in focus after being linked to a hacking attack on French presidential candidate Emmanuel Macron. During the same period, a phishing e-mail attracted the attention of the European security software vendor ESET, as the company reports in a blog post. The e-mail used information about the missile attack in Syria, which recently received media coverage, to lure victims into opening an attachment that contains the well-known spy tool “Seduploader”.


The Word document, with the file name “Trump’s_Attack_on_Syria_English.docx”, used two zero-day exploits (0days) that exploited vulnerabilities in Microsoft products. One exploit targets a remote code execution (RCE) vulnerability in Microsoft Word (CVE-2017-0261). The other provides a local privilege escalation (LPE) in Windows (CVE-2017-0263). Microsoft has already responded: after being notified by ESET, it released an emergency patch, which was distributed yesterday with the monthly security update.

“The Sednit group shows that it is still far from stopping,” says Alexis Dorais-Joncas, ESET security intelligence team lead. “They hold on to old habits, such as reusing old code and exploiting known attack vectors. However, over the past months we have also found several improvements in ‘Seduploader’.”

By their own account, ESET researchers have been observing the activities of the Sednit group, which is also known under the pseudonyms APT28, Fancy Bear and Sofacy, for a long time. The hacker group has been operating since at least 2004 with the purpose of capturing sensitive information from selected targets. In October 2016, ESET released an extensive analysis of Sednit's attack methods and tactics in a white paper titled “En Route with Sednit”.

