Kaspersky Lab has discovered an attack on its corporate network which hit high profile victims in several Western, Middle East and Asian nations, including covert surveillance attempts during the ongoing Iranian nuclear talks. The Duqu 2.0 malware platform associated with the attacks was exploiting up to three zero-day vulnerabilities, a highly unusually feature that strongly suggests nation-state involvement. The last remaining zero-day (CVE-2015-2360) was patched by Microsoft on 9 June with the MS15-061 patch after Kaspersky Lab experts reported it. Malware infections linked to the cyber-spying coincide with P5+1 (a group of six world powers — five permanent members of the UN Security Council, plus Germany) events and venues for high-level meetings between world leaders negotiating a nuclear deal with Iran, with Iranian delegates’ hotels seemingly targeted.
The Security Week
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street