VB Migration

Tag: watering hole

  • VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users

    Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched vulnerability CVE-2016-4117 in Abobe Flash Player . However, Microsoft wasn’t the first company to write about the PROMETHIUM group and the Truvasys malware it used. At VB2016 in Denver, Kaspersky…

  • VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users

    Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched vulnerability CVE-2016-4117 in Abobe Flash Player . However, Microsoft wasn’t the first company to write about the PROMETHIUM group and the Truvasys malware it used. At VB2016 in Denver, Kaspersky…

  • Twitter, Facebook accounts used in watering hole campaign

    USAID sympathizers targeted with links from ‘like-minded people’. Two social networking accounts have been discovered that were used in a recent targeted attack. Opinions on social networking vary, but there are many users who allow apparently like-minded people – that they may otherwise never have come across – to connect with them. Unfortunately, as blogger…

  • Microsoft offers fix-it for IE 8 zero-day

    CVE-2013-1347 used in watering hole attacks. Following this weekend’s discovery of a new zero-day vulnerability in version 8 of Microsoft ‘s Internet Explorer browser, the company has released a ‘fix-it’ that addresses the known attack vectors. Last week (ironically on Labour Day), researchers at AlienVault discovered that the website of the US Department of Labor…

  • From spear phishing to watering holes

    Symantec reports increase in ‘watering hole attacks’. Imagine that for some reason you wanted to gain access to my computer. One thing you could do is send me an email with some malware attached, or a link to a site serving malware. That is called spear phishing. Spear-phishing is commonly used in targeted attacks; for…