Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Red October Attacks on the World

Created: 15 Jan 2013 • Updated: 16 Jan 2013 | 3 comments
This issue has been solved. See solution.

Hi All,

Good day.

Kaspersky Lab Identifies Operation “Red October,” an Advanced Cyber-Espionage Campaign Targeting Diplomatic and Government Institutions Worldwide
 which was running for past 5 years and stealing vital informations from the systems.

Since we are operating Globally can we find the same kinds of risks by SEP 12.1 ?

Best Regards

Ajin

 

Comments 3 CommentsJump to latest comment

SebastianZ's picture

Kaspersky mentiones in their reports exploits to known three vulnerabilities:

CVE-2009-3129 (MS Excel), CVE-2010-3333 (MS Word) and CVE-2012-0158 (MS Word)

 

...all of them are covered by following SEP signatures:

Bloodhound.Exploit.306 - Discovered: November 12, 2009
http://www.symantec.com/security_response/writeup....

Bloodhound.Exploit.366 - Discovered: November 18, 2010
http://www.symantec.com/security_response/writeup....

Bloodhound.Exploit.457 - Discovered: April 27, 2012
http://www.symantec.com/security_response/writeup....

 

and the newest would be:

Backdoor.Rocra - Discovered: January 14, 2013
http://www.symantec.com/security_response/writeup....

 

Hope that helps.

SOLUTION
Mick2009's picture

"Thumbs up" to the above.

This is a development that Symantec is aware of and will continue to monitor.

With thanks and best regards,

Mick

Ashish-Sharma's picture

HI,

Symantec has released Blog for Red October.

https://www-secure.symantec.com/connect/blogs/syma...

Thanks In Advance

Ashish Sharma