[ISN] Elite hacker gang has unlimited supply of zero-day bugs

From: InfoSec News <alerts_at_private>
Date: Mon, 10 Sep 2012 02:08:00 -0500 (CDT)
http://www.computerworld.com/s/article/9231051/Elite_hacker_gang_has_unlimited_supply_of_zero_day_bugs

By Gregg Keizer
Computerworld
September 7, 2012

An elite hacker group targeting defense industry sub-contractors has an 
inexhaustible supply of zero-days, or vulnerabilities that have yet to 
be publicized, much less patched, Symantec said today.

In a blog post, the security firm said, "The group seemingly has an 
unlimited supply of zero-day vulnerabilities."

Symantec also laid out its analysis of the gang, which it said was 
behind a slew of attacks dubbed the "Elderwood Project," after a source 
code variable used by the hackers.

Among the group's distinguishing characteristics, said Orla Cox, senior 
manager at Symantec's security response division, is its exploitation of 
at least eight zero-day vulnerabilities since late 2010, and four in a 
16-week span this spring and summer.

[...]


--
#HITB2012KUL - The 10TH ANNUAL HITB Security Conference in Malaysia
with no keynotes, no labs - just three tracks filled with our most
popular speakers from the last decade: http://conference.hitb.org/
Received on Mon Sep 10 2012 - 00:08:00 PDT

This archive was generated by hypermail 2.2.0 : Mon Sep 10 2012 - 00:07:53 PDT