The Elderwood Project

Brian BowlbyCompNet

Review of material on Symantec website (www.symantec.com)

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf

http://www.symantec.com/connect/blogs/how-elderwood-platform-fueling-2014-s-zero-day-attacks

What is the Elderwood Project (also called the Elderwood Platform)?

A set of zero-day exploits that have been engineered and packaged in a “consumer-friendly” way to allow non-technical people to easily attack their targets.

Name Elderwood comes from source code variable used by the attackers

What are zero-day exploits?

Exploits that exist in the initial release of a software package

Often unknown to the programmer(s)

May be known, but too expensive or time consuming to correct

Generally, serious vulnerabilities are rare (8 identified in 2011)

Which zero-day exploits are included?

• Adobe Flash Player Object Type Confusion Remote Code

Execution Vulnerability (CVE-2012-0779)

• Adobe Flash Player Remote Code Execution Vulnerability(CVE-2012-1535)

• Microsoft Internet Explorer Same ID Property Remote Code Execution Vulnerability (CVE-2012-1875)

• Microsoft XML Core Services Remote Code Execution Vulnerability(CVE-2012-1889)

Newer packages include exploits of these vulnerabilities

• Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2014-0322)

• Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-0324)

• Adobe Flash Player and AIR Remote Code Execution Vulnerability (CVE-2014-0502)

How are these vulnerabilities exploited?

Two methods for propagating their payload

– Spear-phishing

Attach an infected document in an email message

– Watering hole attack

Visitors of a web site are infected

A third possibility – a combination of the above

Send target user an email with a link to an infected website

Link can be unique for that user

Who is Behind Elderwood?

High degree of technical sophistication – able to exploit many different vulnerabilities

Once packaged, less technical groups can mount actual attacks – perhaps different group for each target

Attacks are targeted – no mass email campaigns

Attackers are patient – may lie in wait for several months before adding malicious code

Components of Elderwood

Targets

Defense – Companies that manufacture components for top-tier defense contractors

NGOs and human rights groups (Amnesty International)

Finance, Energy, Education and Government

Recent Timeline of Elderwood Attacks

Groups using the Elderwood Platform

Takeaway Lessons

Apply the latest patches/updates to your software

Don’t open attachments unless you’re sure of the source

Be careful when clicking on links in email messages

Check that URL matches “printed” one http://fake.name.com

Thanks / Questions?

The Elderwood Project

Documents

Transcript of The Elderwood Project

The 1st project in Project Management represents the ‘Concepts of Project Management’

Project Charter - swslhd.health.nsw.gov.au€¦ · Web viewA Project Charter formally recognises the existence of a project and states the scope of the project, gives the Project

D6.3 Project Presentation - Submitted - Europa · The project presentation gives an overall overview of the LIFT project including the goals of the project, project partners and workpackage

IS PROJECT DOCUMENTATION Plan · The Project Plan is a key reference document for the Project Manager throughout the project. Moving on ... Project Objectives: The ADMIRe project

Creative Project Management - The Project

Project 2 - The Project Proposal

Ici project 3 - the project brief

Project management: defining the project

AP. Campion Redevelopment Project Project Description · AP. Campion Redevelopment Project 1. Project Description The Campion Redevelopment Project (the “Project”) involves the

The Niagara Tunnel Project Project Execution · PDF fileThe Niagara Tunnel Project Project Execution Plan ... 13 Project Controls and Reporting ... construction for the Facility Project

project 2 (The Project Brief)

Project Planning. Project Management · Project Planning. Project Management (Company name) (Project name) The Project - Summary Description The A Project will adapt new Artificial

Project Financing - books.mec.biz · Case Study: The Indiantown Cogeneration Project 288. Project Description 288 The Partnership and the Sponsors of the Project 293 Principal Project

Project Management Manual Managem… · project management manual planning & managing projects plan the project track & manage the project define & organize the project 3.1 collect

Personal project guide - Einstein descargables/Personal project... · 2 Personal project guide Personal project in the MYP Introduction to MYP personal project The personal project

The Asheville Project The Asheville Project

WHEATLAND WIND PROJECT · the Wheatland Wind Project (the Project)! We value our relationships with local communities and appreciate your continued interest in the Project. PROJECT

Project 2007 Manual - Asad IqbalPROJECT 2007 Introduction To Project The stages of a project 6 The Stages of a Project The major stages within Microsoft Project for any project are

The Elderwood Project - Cornell University...Attacks are deployed through spear phishing emails and also, increasingly, through Web injections in watering hole attacks. Although there

Putting the "Project" in Project Archivist