targeted attack


Introduction: The FortiGuard Virtualization Execution X (VEX) system – a behaviour-based, in-house framework designed to identify zero-day samples – has detected a previously undiscovered iteration of the BlackMoon Trojan. BlackMoon Trojan is a banking trojan that is designed to phish user credentials from various South Korean banking institutions. It was discovered in early 2014 and was named after a debug string, “BlackMoon”, that was present in its code. While the BlackMoon malware code has been constantly updated...
by Rommel Joven, Floser Bacurio and Roland Dela Paz  |  Apr 23, 2016  |  Filed in: Security Research
Introduction: Last month, iSightPartners revealed a Microsoft Office zero-day leveraged in a targeted attack by a Russian cyber espionage team. This vulnerability has been patched in Microsoft bulletin MS15-070. CVE-2015-2424 was assigned to this vulnerability. In this blog post, we will discuss the nature of the vulnerability to give some insights to other researchers for understanding and detecting this specific Word vulnerability. Multi-directory entries chaining: We first extracted the embedded objects inside the exploit document...
by Wayne Chin Yick Low  |  Sep 01, 2015  |  Filed in: Security Research