Security researchers recently unearthed a previously unknown advanced persistent threat (APT) campaign. Researchers at Websense released free source code online for enterprises to use the crash reports to catch potential security breaches in their organizations. Next week at the RSA Conference in San Francisco, the researchers will release indicators of compromise for the two attack campaigns that can be incorporated into intrusion prevention systems. In both cases, the attacks have been suspended and the command-and-control infrastructures disrupted by the attacks. The researchers say they can detect zero-day or unknown attacks by a little information in crash reports.”]
Source: https://www.darkreading.com/attacks-breaches/windows-crash-reports-reveal-new-apt-pos-attacks