I thought most here would like this article. This is a Zero-Day (first time) that attacks Internet Explorer 10 with Adobe, which reportedly compromised the VFW website. This article reports that this attack infected VFW websites as part of a "watering hole" attack to target a specific group of users (military in this attack). Why military retirees, you ask? How many here are a retiree and are currently working in a GS position or as a military contractor for your Cleared Defense Company (CDC) or the USG? How many times have you logged onto your work portal from your home computer to work? How many have logged onto your work email network, checked your AKO? How many of you have worked on a PowerPoint or work project or document from home, then uploaded it onto your work email to in turn open it up on your work computer (work station-Box) to continue working on it or to upload it onto your desktop, portal, BLUF your WORK NETWORK? This is a VERY typical TTP from Chinese and Russian groups. Back door entry via other network, VA or VFW Membership, to a Government or controlled computer network.
Quote:
“A possible objective in the SnowMan attack is targeting military service members to steal military intelligence,” FireEye researchers wrote in a blog post. “In addition to retirees, active military personnel use the VFW website. It is probably no coincidence that Monday, Feb. 17, is a U.S. holiday, and much of the U.S. Capitol shut down Thursday amid a severe winter storm.”
Keep in mind this was just reported this Thursday, 13 Feb 14, and this was a Zero-Day attack. So just like the Target Credit Card CNE intrusion, this could open up to be more than just the VFW webpage.
http://www.securityweek.com/new-ie-1...ng-us-military