March 09, 2016 | by Michael Bailey
As defensive security controls raise the bar to attack, attackers will employ increasingly sophisticated techniques to complete their mission. Understanding the mechanics and impact of these threats is essential to systematically discover and deflect the coming wave of advanced attacks.
Mandiant has developed a comprehensive whitepaper that provides a multi-faceted analysis of the exploit payload "Operation RussianDoll." This payload is an exploit for CVE-2015-1701 embedded within the un-obfuscated 64-bit RussianDoll payload (MD5: 54656d7ae9f6b89413d5b20704b43b10). The whitepaper references a freely available open-source proof of concept and provides malware triage analysts, reverse engineers, and exploit analysts with tools and background information to recognize and analyze future exploits. It also covers how red team analysts can apply these principles to carve out exploit functionality or augment exploits to produce tools that will enhance the effectiveness of security operations.