EclecticIQ Hypotheses: Infection Vector for German Government Breach (English)
Report from EclecticIQ Fusion Center from Wednesday 14 March 2018.
Key Findings:
- ILIAS e-Learning platform likely infiltrated by adversaries to serve malicious documents that are commonly provided with online courses.
- e-Learning portal was running outdated version, which might have aided attackers in exploitation of vulnerabilities.
- Unknown if or how Government computers in a closed network could have accessed the e-Learning portal hosted online
- Broad distribution of ILIAS across industries
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.
Download Report
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.