Sandworm

On Tuesday, October 14, 2014, iSIGHT Partners – in close collaboration with Microsoft – announced the discovery of a zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012.

Microsoft is making a patch for this vulnerability available as part of patch updates on the 14th – CVE-2014-4114.

Exploitation of this vulnerability was discovered in the wild in connection with a cyber-espionage campaign that iSIGHT Partners attributes to Russia.

Visible Targets
Visibility into this campaign indicates targeting across the following domains. It is critical to note that visibility is limited and that there is a potential for broader targeting from this group (and potentially other threat actors) using this zero-day.

NATO

  • Ukrainian government organizations
  • Western European government organization
  • Energy Sector firms (specifically in Poland)
  • European telecommunications firms
  • United States academic organization

- See more at: http://www.isightpartners.com/2014/10/cve-2014-4114/#sthash.n43KudAG.dpuf

(...)

artigo completo