First Java zero-day in two years exploited by Pawn Storm crackers
From http://www.net-security.org/secworld.php?id=18618
Quote:
Another zero-day vulnerability is being exploited in attacks spotted in the wild: this time, the targeted software is Java.
The flaw was spotted by Trend Micro researchers, who are closely monitoring a targeted attack campaign mounted by the economic and political cyber-espionage operation Pawn Storm.
The existence of the flaw was discovered by finding suspicious URLs that hosted the exploit.
"The said URLs hosting the new Java zero-day exploit are similar to the URLs seen in the attack launched by the threat actors behind Pawn Storm that targeted North Atlantic Treaty Organization (NATO) members and White House last April 2015," they explained.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|