Network Synergy Blog

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Network Synergy at 203.261.2201.

Medical IT: How Is HITECH Doing?
Tip of the Week: How to Reduce the Use of Paper in...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, October 22, 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab

QR-Code dieser Seite

Sign Up

  • First Name *
  • Last Name *

      Blog Categories

      Apps Networking Phone System Hosted Solution Electronic Health Records Law Firm IT Cortana Windows 8 IT Support Operating System Best Practices Language Websites Service-based Business Virtual Private Network Start Menu Machine Learning Cybercrime Administration Piracy Consumers Email Monitors Backups Disaster Recovery Data Security Network Motherboard Permissions Wearable Technology Work/Life Balance Work Station Router Smart Technology Print Server Tech Term Deep Learning Business Growth Microsoft Excel Blockchain Development Tech Support Intranet Managed Service Provider Cabling Cookies Users Comparison Macro Corporate Profile Flexibility Monitoring Outsourced IT Managed IT Service Bluetooth Settings Cleaning Website Business Computing Instant Messaging IT Technicians Save Money Webcam Web Server PC Care Information Staff Smartphones Mobile Devices VoIP History Social Engineering Wireless Retail Data Loss Migration Virtual Reality Cyberattacks MSP Google Wallet Help Desk Hiring/Firing Private Cloud Mouse Lithium-ion Battery LiFi Google Calendar Public Speaking Customer Service Experience Programming Utility Computing Wi-Fi Chromebook Managed Services Provider Lenovo WPA3 SaaS Productivity Google Maps Running Cable IT Solutions Budget Remote Monitoring and Management Office Tips The Internet of Things Vulnerability Legal Computing Infrastructure Screen Reader How To Specifications Safety Administrator Business Owner Augmented Reality Servers Social Networking Techology Browser Office 365 Analyitcs Applications Managed Service Domains User Malware How To Quick Tips Hosted Solutions CIO Internet Exlporer E-Commerce Bring Your Own Device Maintenance Black Market Secruity Consulting Cyber Monday Spam Social Media Computing Debate Modem Cables Proactive Dark Web CCTV Mobile Device Management Solid State Drive 3D Printing Connectivity Internet of Things Drones IBM Troubleshooting Notifications Humor Virtualization Compliance Chrome IT service Point of Sale Operations Vendor Management Office Hardware Fleet Tracking Data Warehousing Downtime Digital Computers Memory Hacks Mobile Computing Scary Stories Regulation Travel Uninterrupted Power Supply iPhone Processors Two-factor Authentication Windows 10 Business Intelligence Backup Employer-Employee Relationship Unified Communications Bitcoin Refrigeration Android Recovery Microsoft Black Friday Apple Relocation Hacking Star Wars Google Docs HIPAA Managed IT Services Identity Theft Hotspot Technology BYOD Holiday Firefox Upgrade Telephony Hard Drives Inbound Marketing Business Management Remote Support Buisness Document Management Crowdsourcing Phishing Staffing Managed IT Meetings Superfish Environment Laptop eBay Save Time Geography Unsupported Software Data Alt Codes Windows 8.1 Update Automation Hacker LinkedIn Application Big Data eWaste IT Consulting Enterprise Content Management Multi-Factor Security Fraud Features Paperless Office High-Speed Internet PDF Hackers Downloads Remote Workers Encryption GPS Computer Care Security Employee-Employer Relationship Disaster Resistance Mobile Security Address Disaster Mobile Technology Managing Stress Text Messaging Display Ransomware Typing Artificial Intelligence Privacy Mobile Data Printer Technology Laws Avoiding Downtime Server Management Network Congestion Digital Payment IP Address OneNote Communication Project Management PowerPoint Remote Computing Outlook Content Filtering Going Green Computer Windows Writing Network Management Error BDR Antivirus Company Culture Bandwidth Excel 3D Remote Monitoring Search Upgrades SharePoint Heating/Cooling Proactive IT Recycling People Cost Management Scam Health Sync Twitter G Suite Workplace Tips Gaming Console Distributed Denial of Service File Sharing WiFi Data Breach Information Technology Identities Licensing Printers Access Control Hard Drive Taxes Bookmarks Customer Relationship Management Cameras Halloween Asset Tracking Business Technology Money Training Tip of the Week YouTube Miscellaneous Mail Merge Hard Disk Drive Technology Tips Telephone Systems Data storage Current Events Emoji Touchscreen Microsoft Office Read Only Network Security Spyware Government Fun Net Neutrality Knowledge Robot Gadgets IT Services Saving Money Legislation Google Analytics Congratulations Unified Threat Management Digital Signature IT budget Alerts Wireless Technology Social Saving Time Data Recovery Tip of the Work Mobile Assessment Vulnerabilities Charger Windows 10 Streaming Media Politics Motion sickness Time Management Passwords Virtual Desktop Efficiency User Error Sports Firewall Cache Word Automobile End of Support Tablet CrashOverride Virus Personal Information Data Management Gmail 5G Software Education Software Tips Fax Server Infrastructure Logs Consultation Undo Finance Wires Risk Management Chatbots Productivity Law Enforcement Management Collaboration Food Scheduling Small Business Computer Repair Conferencing Break Fix Redundancy USB Computer Accessories Favorites Business Enterprise Resource Planning User Tips Tracking Trainging Video Surveillance Best Available Printing Gadget Software as a Service Mobility Cybersecurity Webinar Server Managed IT services Skype Physical Security Public Cloud Nanotechnology Value Facebook IT Management Samsung Smartphone Identity Documents Cloud Mobile Office Competition Smart Tech Botnet Online Currency Statistics communications Thank You IT Support Tutorials Marketing App Electronic Medical Records Trending Files Best Practice Battery Healthcare Cloud Computing Data Backup Unified Threat Management Cryptocurrency Mobile Device Password Google Shortcut Patch Management Innovation IoT Presentation VPN Storage Co-managed IT IT Consultant Crowdfunding Alert Tip of the week Internet Supercomputer Cooperation Entrepreneur Business Continuity Mirgation Regulations Google Drive Leadership

      Latest Blogs

      Once thought to just be a cool feature of the Internet--or the entirety of the Internet to your Great Aunt Maddie--instant messaging has a long history on the web. In fact, one cou...

      Latest News

      Our Site Has Launched!

      flag

      Welcome to Our New Site!
      We are proud to announce the unveiling of our new website at Network Synergy!

      Read more ...

      Contact Us

      Learn more about what Network Synergy can do for your business.

      callphone

      Call us today    203.261.2201

      Fax Number :    203-261-2935

      126 Monroe Turnpike
      Trumbull, Connecticut 06611

      facebook twitter linkedin #youtube