A pattern emerges from the document exploits recently used by HORSMY, ESILE, FARFLI, and other targeted campaigns. Likely sourced in cybercriminal underground markets, this template exploit can be modified depending on what attackers need from their targets.
A new campaign inched closer to Japanese government and private entities with backdoor malware attacks on the commonly used word processing software Ichitaro. The ANTIFULAI campaign enters networks via clever email subjects, such as a job application inquiry.
Recent targeted attacks that send bogus emails from a Chinese newspaper were found targeting systems with Windows PowerShell installed. The PowerShell command line is typically found on Windows 7 onwards and is used to automate Windows applications.
Are all these large-scale Point-of-Sale (PoS) system attacks proof that attackers target payment cards more? While naming 2013 the "Year of the Retailer Breach", Verizon says POS-related cases have gone down in numbers since they peaked in 2010.