Polyclinic Of Russian Presidential Administration Suffers Zero-Day Attack

4 - 11 December 2018

One of the polyclinics of the Presidential Administration of Russia suffered an APT attack at the end of November, after victims received a lure document that exploited an Adobe Flash zero-day (CVE-2018-15982) to download malware with self-destruction functions. The polyclinics mainly serve civil servants of the highest authorities of the Russian Federation and high-profile figures from the science and art sectors. The sensitive nature of the polyclinic and its patients, together with the timing of the attack shortly after the recent Kerch Strait incident between Ukraine and Russia, suggests that the attack could be highly targeted with political undertones.

