Running for Office: Russian APT Toolkits Revealed

Discussion in 'other security issues & news' started by Rasheed187, Aug 9, 2016.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
  2. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    331
    Clickbait article...
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Care to explain? Perhaps I missed something?
     
  4. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    331
    Article states: "Using Recorded Future, we analyzed information published to the web linking Russian APTs to exploited vulnerabilities from January 1, 2012 to July 31, 2016." They 'repurpose' research from other parties and don't provide any new intelligence.

    And their table of CVE's is wrong:
    CVE-2013-0641 was combined with CVE-2013-0640 and thus an exploit is available
    CVE-2014-3897 is a typo of CVE-2013-3897 (CVE-2013-3897 is already in their table)
    Exploit code for CVE-2014-1776 is publically available
    Exploit sample for CVE-2015-2424 can be obtained from public sources
    Exploit for CVE-2016-4117 was not used by APT28, but by ScarCruft and a sample is available online.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    OK I see, so you was not impressed with the info.
     
Loading...