Ongoing Attacks Target Defense, Aerospace Industries

Gunkerty Jeb writes "Researchers have identified a strain of malware that's being used in a string of targeted attacks against defense contractors, government agencies and other organizations by leveraging exploits against zero-day vulnerabilities. The attacks may have been going on since 2009 in some form and the emails containing the malicious attachments are specifically targeted at executives and officials in various industries using fake conference invitations. The attack campaign, as many do, appears to be changing frequently, as the attackers use different binaries and change up their patterns for connecting to remote command-and-control servers. The research, done by Seculert and Zscaler, shows that the attackers are patient, taking the time to dig up some information about their potential targets, and are carefully choosing organizations that have high-value intellectual property and assets (PDF)."

  • by Shag ( 3737 ) on Tuesday January 31, 2012 @04:14PM (#38881203)

    So, let's see it defend.

  • I wonder... (Score:4, Interesting)

    by AngryDeuce ( 2205124 ) on Tuesday January 31, 2012 @04:16PM (#38881231)
    China? Wouldn't be surprised...
  • by Anonymous Coward on Tuesday January 31, 2012 @04:25PM (#38881331)
    Or so some proclaim. I have to laugh all the times that I see people posting that there is no cold war by China against the west. China is NOT interested in what is best for their citizens. China is not even interested in grabbing Taiwan and simply calling it quits. They are interested in what will put their communist leadership in effective control. Sadly, most Republicans and a number of Dems are working hand in hand with the communist and handing it over to them.
  • by Anonymous Coward on Tuesday January 31, 2012 @04:31PM (#38881415)

    I work for a military-tech company of sorts, and I'm pretty sure I've seen malicious emails like this... sounds pretty familiar with the bogus conference invites. Fortunately, the company seems to have competent IT, and most non-software people have pretty locked-down machines. Also, if you actually click a link in a malicious email, our internal DNS redirects to a page that essentially calls you an idiot for clicking that link, and warns you to be suspicious of certain emails or else IT will come give you a stern talking to.

    Executable attachments simply don't get through, as is common with corporate email. There are better ways to send things anyway.

    Certainly some emails would get through the cracks, but whatever my IT department does to make this work seems pretty effective.
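
The comment above mentions that executable attachments are stopped at the mail gateway. The following is an added example, not part of the original thread and not the commenter's actual setup, of one way such a check can work: it classifies attachments by their leading bytes as well as by file name, so a Windows executable labelled as a PDF is still caught. The addresses, file names and message are constructed for the example.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of common executable formats.
MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}
BLOCKED_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")


def executable_attachments(raw):
    """Return (filename, reason) for each attachment that should be blocked."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        payload = part.get_payload(decode=True) or b""
        # The content decides first; declared MIME type and name can be forged.
        kind = next((k for m, k in MAGIC.items() if payload.startswith(m)), None)
        if kind:
            findings.append((name, "content is " + kind))
        elif name.endswith(BLOCKED_EXT):
            findings.append((name, "blocked extension"))
    return findings


def build_sample():
    """Constructed message: a conference invite with three attachments."""
    msg = EmailMessage()
    msg["From"] = "events@conference.example"
    msg["To"] = "exec@contractor.example"
    msg["Subject"] = "Invitation: Aerospace Symposium"
    msg.set_content("Please see the attached invitation.")
    # A real PDF header with placeholder content: allowed.
    msg.add_attachment(b"%PDF-1.4\n% placeholder\n", maintype="application",
                       subtype="pdf", filename="agenda.pdf")
    # PE header bytes declared and named as a PDF: blocked on content.
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="application",
                       subtype="pdf", filename="invitation.pdf")
    # Double extension hiding a script: blocked on the final extension.
    msg.add_attachment(b"echo placeholder\r\n", maintype="application",
                       subtype="octet-stream", filename="register.PDF.bat")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in executable_attachments(build_sample()):
        print("BLOCK %s: %s" % (name, reason))
```

A check like this only stops executables; an attachment that is a genuine document carrying an exploit passes it and needs other controls.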

