The Latest APT Attack by Exploiting CVE-2012-0158 Vulnerability

Format overflow vulnerabilities are often exploited in APT attacks. Among vulnerabilities of this type, CVE-2012-0158 has been the most commonly used in the past year. Generally, the carrier of such a vulnerability is a Rich Text Format (RTF) file, the internal data of which is saved as a hexadecimal stri……


Patch for Vulnerability Used by the Duqu Delay

Microsoft released 4 patches in its security bulletin, but they weren’t able to repair the Windows kernel vulnerability (CVE-2011-3402) that is being exploited by Duqu. Microsoft has recommended some security software that can defend against Duqu. Altogether 22 vendors, including Antiy Labs, were recomm……


Vulnerabilities Found in Industrial Control Systems from Different Vendors

According to an alert published by US-CERT’s control system security team, 36 remote attack vulnerabilities were found this week. Several SCADA products from Siemens, Iconics, 7-Technologies and RealFlex Technologies, as well as human-computer interaction products from BroadWin, are affected. Currently……


Report on the Worm Stuxnet Attack

Recently, numerous news media have reported incidents involving the Stuxnet worm. Described as a “super weapon” and “Pandora’s Box”, it has attacked the SIMATIC WinCC SCADA system of Siemens. The Stuxnet worm erupted in July this year. It utilizes at least four vulnerabilities of the Microsoft operating system, in……
