Java 0Day and the Targeted Nitro Attacks Campaign Analysis

Symantec, Kaspersky Labs, Trend Micro, Sophos and other security vendors continue to ride the wave of the Java 0day targeted attack story. The vendors agree that the Java 0day was potentially used by the Chinese Nitro gang in a spear-phishing campaign. The Nitro gang has been well known since another targeted campaign in 2011, reported by Symantec, focusing on …

Microsoft Internet Explorer 0Day reported by ZDI to Microsoft?

As you may know, Microsoft has released the MS12-063 out-of-band security bulletin, which fixes 5 security vulnerabilities including CVE-2012-4969, the Internet Explorer 0day I discovered exploited in the wild by the Nitro gang last weekend. After analyzing MS12-063 and all the vulnerabilities fixed in this bulletin, I was surprised to see that CVE-2012-4969 was credited to …

Analysis of an RFI (Remote File Inclusion) Attack

As on any other day, an Internet-facing web server is frequently the target of automated attacks coming from RFI (Remote File Inclusion) "scanners". For a more general explanation of RFI-type attacks, we suggest consulting Wikipedia. In the example below, we will analyze the behavior of an attack from one of these scanners. Let us take as a basis …