Kaspersky Labs, one of the top cybersecurity research companies was attacked by the Duqu attackers, one of the top APTs (Advanced Persistent Threats) out there. Although they weren’t the only target, Kaspersky was probably in the best position to detect and analyze the threat.
They determined that Duqu took advantage of Windows zero-day vulnerabilities that allow attackers to raise their privilege levels and access any part of the affected system. The attackers had been at it for months before being detected.
The thing to remember from this is: If a company like Kaspersky can be successfully attacked, what chance does the average company have?
More on the attack from Ars Technica: Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks.