CVE-2012-0158

Pierluigi Paganini April 19, 2016
The Four Element Sword, weaponized document builder used in APT Attacks

Experts analyzed a dozen attacks that leveraged on malicious RTF documents created using the same Four Element Sword builder. Security experts at Arbor Networks’ Security Engineering and Response Team (ASERT) have spotted a tool used in advanced persistent threat (APT) attacks against organizations in East Asia. The researchers have analyzed a dozen attacks that leveraged on malicious Rich […]

Pierluigi Paganini April 10, 2015
Operation Buhtrap: New Spyware is targeting Russian Banking Sector

ESET has discovered a new hacking campaign dubbed Operation Buhtrap based on a family of spyware targeting vulnerabilities within the Russian Windows System. Late in 2014 analysts at ESET uncovered CVE-2012-0158, a buffer overflow vulnerability in the ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library.  This particular malicious code can be activated by a […]

Pierluigi Paganini April 01, 2015
Energy companies infected by newly Laziok trojan malware

Symantec has discovered a cyber espionage campaign targeting energy companies around the world by infecting them with a new malware dubbed Laziok trojan. Security experts at Symantec have uncovered a new cyber espionage campaign that targeted the energy industry. The threat actors behind the campaign used uses a custom-developed malware dubbed Laziok trojan to exfiltrate sensitive data from […]

Pierluigi Paganini November 19, 2014
Gh0st RAT used in targeted attacks against Tibetan activists

APT actors trying to use the G20 2014 summit as a lure to compromise Tibetan nongovernmental organizations (NGOs) with Gh0st RAT. Security experts at ESET uncovered a new series of cyber attacks that targeted Tibetan nongovernmental organizations (NGOs) concurrently with the G20 2014 summit in Brisbane, Australia. The experts discovered that APTs behind the attacks used a strain of the Gh0st RAT characterized […]