Network Synergy Blog

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Network Synergy at 203.261.2201.

Medical IT: How Is HITECH Doing?
Tip of the Week: How to Reduce the Use of Paper in...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, August 19, 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab

QR-Code dieser Seite

Sign Up

  • First Name *
  • Last Name *

      Blog Categories

      Specifications Smartphones Hacker Microsoft Office Hosted Solution Mobile Public Cloud Entrepreneur Managed IT Services Taxes Regulation Hiring/Firing Piracy Food Business Growth Domains Uninterrupted Power Supply Remote Workers eWaste Techology Social Networking Training Network Congestion Automation Motion sickness Business Continuity Management 3D Work/Life Balance Point of Sale Co-managed IT Streaming Media Saving Money Service-based Business Alt Codes Risk Management Travel Save Money Google Calendar Memory Alert Solid State Drive Business MSP Operating System Remote Monitoring Cryptocurrency Settings Politics Software IT Services Hacks Upgrade Email Unified Communications Cyber Monday Best Practice Cortana VoIP Customer Service Notifications Superfish Files Mobility Android Disaster Recovery Asset Tracking Information Technology Help Desk Lithium-ion Battery Windows 10 Remote Support Mobile Device Language Wearable Technology IT Solutions Modem Google Drive Servers Halloween Hard Drive Firewall SaaS Business Management Competition Information Hackers Redundancy Deep Learning Cybersecurity Twitter Gadgets Hard Drives Regulations Digital Legal Mail Merge Laptop Processors Employer-Employee Relationship Cost Management Technology Tips Smartphone IBM Physical Security Cooperation Identity Theft Chromebook Touchscreen People Migration Macro Humor Tip of the Work Maintenance Data Fleet Tracking User Tips Mobile Device Management Communication Trending History Passwords Licensing Security Employee-Employer Relationship Robot Botnet Experience IT Consulting Data Breach Miscellaneous Data storage Mobile Security Phone System Nanotechnology Social Engineering Computer Care Charger Virtual Desktop Internet Computer Going Green WiFi LiFi Staff Supercomputer Tutorials Avoiding Downtime Facebook SharePoint USB Heating/Cooling Samsung iPhone Monitoring Administrator Technology Laws File Sharing Two-factor Authentication Google Wallet Tech Term Unsupported Software Disaster Resistance Document Management Cabling Identities Best Practices Leadership Distributed Denial of Service Compliance Apps Best Available Cybercrime User Outsourced IT PC Care Browser User Error Social Alerts Programming Workplace Tips Meetings Thank You Downloads Technology IT service Augmented Reality Typing Virtualization Electronic Medical Records communications Drones Cache Digital Signature Tip of the Week Printer IT Consultant Break Fix Screen Reader Law Firm IT GPS Scam Data Management PDF Server Management Logs IT Management Buisness Recycling Hacking Geography Office 365 Computing Infrastructure Sports Corporate Profile Data Loss IT Support Websites Wireless Virtual Reality Proactive Microsoft Automobile Office Tips Mobile Devices Development Mirgation Google Managed IT Mobile Technology IT Support Skype Chrome Shortcut Intranet Bring Your Own Device Business Computing Mobile Data Display The Internet of Things Retail 5G Project Management Marketing BYOD Battery Print Server Search Health Net Neutrality Encryption Disaster Video Surveillance Managed Service Windows Save Time Vendor Management Wi-Fi Privacy Statistics Hotspot Cables Permissions Holiday LinkedIn Gmail Antivirus Managed IT Service Productivity Proactive IT Web Server Mobile Computing Social Media Quick Tips IT Technicians Digital Payment Environment High-Speed Internet Collaboration Administration Company Culture Remote Monitoring and Management Connectivity Star Wars Personal Information Presentation Crowdsourcing Text Messaging Cloud Router Recovery Motherboard Data Backup Documents Relocation Utility Computing Comparison IoT Spyware Debate Money Google Maps Education Inbound Marketing Business Owner Microsoft Excel Hardware Upgrades Malware Machine Learning Analyitcs Enterprise Resource Planning Operations Managed Service Provider IT budget Webinar Computing Sync Server Business Technology Mobile Office Emoji Budget Infrastructure Storage IP Address Application Multi-Factor Security Word Refrigeration Network Management Fraud Data Security Bluetooth Tip of the week Network Internet Exlporer Internet of Things eBay Users Networking Black Market Cameras Software as a Service CIO Applications Smart Tech Hard Disk Drive Government Downtime Consultation G Suite Trainging Vulnerability Lenovo Address Mouse Flexibility Wireless Technology Consumers How To Undo Cloud Computing Outlook Bitcoin Virus Healthcare Patch Management Google Analytics Knowledge Black Friday Hosted Solutions Computer Repair Running Cable Enterprise Content Management Staffing 3D Printing Cookies Printing CCTV Windows 8.1 Update Virtual Private Network Webcam Scheduling Small Business Legislation Business Intelligence Backups Paperless Office CrashOverride Website Monitors Spam Work Station Content Filtering Unified Threat Management Productivity Computer Accessories Excel Data Warehousing Software Tips Fun App Wires Private Cloud Tablet Secruity Artificial Intelligence Smart Technology Law Enforcement Windows 10 Tracking YouTube Remote Computing Phishing Big Data Current Events Gaming Console Fax Server Bandwidth Dark Web Blockchain Chatbots Backup OneNote Vulnerabilities Error Identity Firefox Google Docs Managed IT services Assessment Customer Relationship Management Time Management Network Security Saving Time Conferencing Unified Threat Management Innovation Cleaning VPN Access Control BDR HIPAA Scary Stories Value Managing Stress Troubleshooting PowerPoint How To Online Currency WPA3 Public Speaking Crowdfunding Tech Support Efficiency Windows 8 End of Support Telephony Ransomware Computers Telephone Systems Safety Writing Congratulations Apple Data Recovery Gadget Start Menu Office Password

      Latest Blogs

      Every business has some sort of management tasks that requires foresight, and staying up on them can keep headache-inducing situations from constantly causing downtime and costing ...

      Latest News

      Our Site Has Launched!

      flag

      Welcome to Our New Site!
      We are proud to announce the unveiling of our new website at Network Synergy!

      Read more ...

      Contact Us

      Learn more about what Network Synergy can do for your business.

      callphone

      Call us today    203.261.2201

      Fax Number :    203-261-2935

      126 Monroe Turnpike
      Trumbull, Connecticut 06611

      facebook twitter linkedin #youtube