
Eugene

(61,872 posts)
Tue Nov 1, 2016, 09:45 PM

Windows zero-day exploited by same group behind DNC hack

Source: Ars Technica

Windows zero-day exploited by same group behind DNC hack

Microsoft threat teams tied use of bug to APT28, aka "Fancy Bear"

SEAN GALLAGHER - 11/1/2016, 8:50 PM

On Oct. 31, Google's Threat Analysis Group revealed a vulnerability in most versions of Windows that is actively being exploited by malware attacks.

Today, Terry Myerson, executive vice president of Microsoft's Windows and Devices group, acknowledged the exploit was being used actively by a sophisticated threat group—the same threat group involved in the hacks that led to the breach of data from the Democratic National Committee and the Clinton campaign. And while a patch is on the way for the vulnerability, he encouraged customers to upgrade to Windows 10 for protection from further advanced threats.

Myerson wrote:

Recently, the activity group that Microsoft Threat Intelligence calls STRONTIUM conducted a low-volume spear-phishing campaign. Customers using Microsoft Edge on Windows 10 Anniversary Update are known to be protected from versions of this attack observed in the wild. This attack campaign, originally identified by Google's Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.

Microsoft customers using Windows 10 with Windows Defender Advanced Threat Detection are already protected against the zero-day, Myerson noted, because the software "will detect STRONTIUM’s attempted attacks thanks to ATP's generic behavior detection analytics and up-to-date threat intelligence."

-snip-


Read more: http://arstechnica.com/security/2016/11/windows-zero-day-exploited-by-same-group-behind-dnc-hack/
Somebody sitting on their bed that weighs 400 pounds dalton99 Nov 2016 #1