Network Synergy Blog

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Network Synergy at 203.261.2201.

Medical IT: How Is HITECH Doing?
Tip of the Week: How to Reduce the Use of Paper in...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, October 20, 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab

QR-Code dieser Seite

Sign Up

  • First Name *
  • Last Name *

      Blog Categories

      Enterprise Resource Planning Start Menu Disaster Mobile Computing Legal IT budget Consultation Communication Gaming Console Office Tips Address Printing Remote Workers Staffing Deep Learning Finance Technology Piracy Windows 8 Politics VPN Administration Technology Tips Applications Vendor Management Productivity Comparison Managing Stress Hard Drive Business Intelligence Chrome Tablet Regulations Social Engineering Information Operating System Secruity Virtual Private Network IoT Wearable Technology Fun Remote Support Project Management Flexibility Skype Users Hardware Digital Signature Search IT Services Android Value Mobile Office Network Management WiFi Law Firm IT Printer Cables Mobile Device Management Computer Repair Save Time Windows 10 Supercomputer SaaS Money Spyware Access Control Remote Monitoring Cameras Regulation Microsoft Excel Patch Management Solid State Drive Gadget Data storage Alt Codes Email Business Management Hacker Thank You Machine Learning Error IT service CCTV Recycling Apple Servers Public Speaking Online Currency Data Management Phishing Webcam Robot G Suite Virtual Reality LiFi Geography Permissions Innovation Google Analytics Corporate Profile Google Wallet Operations Trending Black Market Privacy Electronic Medical Records Modem Content Filtering Websites Instant Messaging Smart Technology IT Technicians Monitors Employer-Employee Relationship Telephone Systems Identities Government Tutorials Humor File Sharing Legislation Scheduling Best Available Windows Disaster Recovery Identity Theft Cookies Laptop Help Desk Leadership Managed IT Service Google Drive IP Address Hard Drives Twitter Windows 8.1 Update Fraud Storage Managed Service Data Loss Save Money Best Practice Statistics Business Digital Payment Fax Server Data Backup Alerts Mirgation Smart Tech Scam Cost Management Technology Laws Going Green CIO Remote Computing Consumers Redundancy Hiring/Firing Data Recovery Logs Battery Workplace Tips Motion sickness Firefox Computing IT Consulting Ransomware Phone System Downloads Specifications Holiday Unsupported Software Relocation Cooperation Cyberattacks Management Cortana Mail Merge Saving Money Education Unified Threat Management Collaboration Business Owner Documents IT Consultant Application Drones Cabling Wireless Technology YouTube Alert Experience Web Server Cybercrime Virtual Desktop Internet Exlporer Streaming Media Hard Disk Drive 3D Features Backups Router Artificial Intelligence Managed IT Services Marketing Hotspot Data Warehousing Cloud Computing eBay Trainging Service-based Business SharePoint Files Distributed Denial of Service Healthcare PowerPoint Firewall Co-managed IT Refrigeration Office WPA3 Unified Communications Spam Antivirus Business Computing Staff Inbound Marketing Emoji Scary Stories Tip of the week Meetings People Text Messaging Miscellaneous Mobile Device Upgrade IT Support Cleaning Networking Touchscreen IT Solutions Telephony Cyber Monday Cloud Retail Monitoring User Error Internet Cybersecurity Personal Information Buisness Mobility Heating/Cooling Passwords Word Physical Security Efficiency Video Surveillance Google Maps Virtualization Company Culture Debate Halloween Programming PDF Computers Black Friday Information Technology The Internet of Things Avoiding Downtime Software as a Service Hosted Solution History Business Growth Risk Management Training Time Management End of Support Hackers Saving Time Identity Mobile Technology PC Care Private Cloud Google Docs iPhone Work Station Mobile Chatbots IT Management Webinar Small Business Printers IBM Asset Tracking Law Enforcement Lithium-ion Battery Automation Motherboard USB Managed Service Provider Connectivity Server How To Vulnerability Dark Web Excel Infrastructure Processors IT Support VoIP Wireless Settings Conferencing Outsourced IT GPS Computer Accessories Customer Relationship Management BYOD Superfish Electronic Health Records Wires Google BDR Utility Computing Running Cable User Tips Downtime Bandwidth Password Migration Managed IT Sync Best Practices Knowledge Software Vulnerabilities Techology Proactive Social Media Upgrades Virus Point of Sale Outlook Microsoft Office CrashOverride Crowdfunding HIPAA Charger Smartphones Tip of the Work Unified Threat Management Language Mouse Botnet Star Wars App Assessment Crowdsourcing Network Security Safety Competition Hosted Solutions Shortcut Mobile Security Notifications communications Fleet Tracking Customer Service Security Remote Monitoring and Management Bring Your Own Device Paperless Office Compliance Bluetooth Samsung Analyitcs Environment Uninterrupted Power Supply Employee-Employer Relationship E-Commerce Proactive IT Computer Care Microsoft Document Management Lenovo OneNote Computer Managed IT services Big Data Network Hacks Intranet Malware Cache Work/Life Balance Presentation Data Breach Software Tips Two-factor Authentication Computing Infrastructure Data Multi-Factor Security Tracking Read Only Public Cloud Enterprise Content Management Travel Entrepreneur Recovery Net Neutrality Hacking Google Calendar Development Browser Memory Undo Network Congestion Tip of the Week Gadgets Health Productivity Business Continuity Business Technology Automobile Website Typing Office 365 LinkedIn eWaste Blockchain Backup Break Fix Managed Services Provider Bitcoin Budget Tech Support Chromebook Quick Tips Facebook Encryption Macro Internet of Things Domains Mobile Devices Nanotechnology Maintenance Troubleshooting Sports Bookmarks Food Server Management User Consulting 3D Printing How To Augmented Reality Windows 10 Congratulations Administrator Display Cryptocurrency High-Speed Internet Disaster Resistance Writing Current Events Wi-Fi Smartphone Social Networking Licensing Screen Reader Social 5G MSP Favorites Data Security Tech Term Gmail Mobile Data Print Server Taxes Apps Digital

      Latest Blogs

      The cloud is such an important part of today’s business environment that most organizations use it to some extent, even if it’s just for basic storage needs. However, the cloud nee...

      Latest News

      Our Site Has Launched!

      flag

      Welcome to Our New Site!
      We are proud to announce the unveiling of our new website at Network Synergy!

      Read more ...

      Contact Us

      Learn more about what Network Synergy can do for your business.

      callphone

      Call us today    203.261.2201

      Fax Number :    203-261-2935

      126 Monroe Turnpike
      Trumbull, Connecticut 06611

      facebook twitter linkedin #youtube