Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Java zero-day used in attacks on NATO member, U.S. defense organization

Java zero-day used in attacks on NATO member, U.S. defense organization

2015/07/13

Securityweek - (International) Security researchers at Trend Micro reported that the cyber-espionage group with monikers including Pawn Storm and APT28 was using a Java Oracle SE zero-day remote code execution vulnerability in attacks directed against the armed forces of a NATO member country as well as a U.S. defense organization by sending out emails containing links to malicious domains containing the exploit and a trojan dropper. [ed.: For more, see this post in the Optimal Security blog.]

Source: http://www.securityweek.com/java-zero-day-used-attacks-nato-member-us-defense-organization

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:41