Remove 2012 Remove Government Remove Internet
article thumbnail

North Korea-linked APT37 exploited IE zero-day in a recent attack

Security Affairs

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. “Successful exploitation of this vulnerability requires an attacker to first prepare the target so that it uses Edge in Internet Explorer Mode.”

Internet 144
article thumbnail

An Interview With the Target & Home Depot Hacker

Krebs on Security

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

China-linked APT Mustang Panda upgrades tools in its arsenal

Security Affairs

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

article thumbnail

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Security Affairs

“As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint servers.” If AMSI can’t be enabled, disconnect servers from the internet or limit access using VPN/proxy/authentication gateway.

article thumbnail

Head Mare and Twelve join forces to attack Russian entities

SecureList

Our telemetry data revealed domain controllers still running Microsoft Windows Server 2012 R2 Server Standard x64 or, as in the aforementioned incidents, Microsoft Exchange Server 2016 used for email. Localtonet is a reverse proxy server providing internet access to local services. An example download link is: hxxp://45[.]156[.]21[.]148:8443/winuac.exe

article thumbnail

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Zero Day

One US state official said the attackers had "hijacked" a collection of documents designed to help people understand how their government works, the Post added. Active since 2012, Linen Typhoon specializes in stealing intellectual property, mainly targeting government, defense, strategic planning, and human rights organizations.

article thumbnail

Social media beats TV as top American news source for first time, study finds

Zero Day

Also: How new Facebook policies incentivize spreading misinformation For the first time this year (the RISJ has released a media report every year since 2012), the No. 1 spot, or the largest proportion of respondents who used a particular source in the past week, went to social media, with 54%. Traditional television claimed the No.

Media 86