Netranom Blog

Netranom has been serving the Hurricane area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Netranom at (304) 562-4700.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Sunday, 20 May 2018
If you'd like to register, please fill in the username, password and name fields.

Account Login

Recent Comments

Sick of Email? Try These 3 Alternative Communication Apps
20 May 2018
I'm sick of doing so many different things on โกลเด้นสล็อต that I still don't know what to do with i...
Is it Time to Rethink the 8-Hour Workday?
19 May 2018
Yeah, the 8 hour work-day is not working and it should be cancelled. The previous work-day, where yo...
Tip of the Week: How to Find the Best VPN for Your Privacy
18 May 2018
Students learn best when they actively participate in the lesson or that they feel valued when teach...
3 Ways To Improve Your Business’ Data Security
18 May 2018
Students learn best when they actively participate in the lesson or that they feel valued when teach...
3 Easy Ways to Get Your Business Started With Automation Technology
18 May 2018
Students learn best when they actively participate in the lesson or that they feel valued when teach...

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Latest Blog Entry

      It can be argued that your organization isn’t considered “modern” without taking advantage of truly modern technology solutions. This includes the cloud, which provides anytime-anywhere access to impo...

      Latest News

      Contact Us

      Learn more about what Netranom can do for your business.

      callphone

      Contact us today
      (304) 562-4700
      help@netranom.com

      2801 Virginia Avenue
      Hurricane, West Virginia 25526