1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cyberespionage group Pawn Storm uses exploit for unpatched Java flaw

Discussion in 'CSO' started by RSS, Jul 13, 2015.

  1. RSS

    RSS New Member Member

    A sophisticated group of hackers known for targeting military, government and media organizations is currently using an exploit for a vulnerability in Java that hasn't been patched by Oracle.

    The zero-day exploit was recently observed by researchers from antivirus vendor Trend Micro in attacks against the armed forces of an unnamed NATO country and a U.S. defense organization. Those targets received spear-phishing emails that contained links to Web pages hosting the exploit.

    MORE ON CSO: What is wrong with this picture? The NEW clean desk test

    The cyberespionage group, known as APT28 and Pawn Storm, has been active since at least 2007. Some security vendors believe that it operates out of Russia and has ties to that country's intelligence services.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page