crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Integrated Business Technologies at (918) 770-8738.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 17 August 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Managed Service Provider Business Management Cloud Internet Microsoft Best Practices Business Computing Saving Money Productivity IT Services Workplace Tips Hosted Solutions Backup Hackers Malware Email Software Mobile Devices Business Data IT Support Hardware Small Business Network Communication Server Smartphones Upgrade VoIP Business Continuity Google Computer Windows Mobile Device Management Efficiency Disaster Recovery Virtualization Microsoft Office Innovation Miscellaneous Mobile Office Vendor Management Holiday Gadgets Social Media BYOD Data Backup Tech Term Outsourced IT Quick Tips Passwords Mobile Computing Smartphone Android User Tips Network Security Browser WiFi Bring Your Own Device Windows 10 Internet of Things Managed IT services Remote Monitoring Ransomware Spam Best Practice The Internet of Things Trending Operating System Wireless Technology Apple Remote Computing Data Recovery Alert Users Data Management Content Filtering Gmail Going Green Artificial Intelligence History Firewall Unified Threat Management Save Money IT Consultant Router Printer Tech Support Managed IT Information Technology Current Events Big Data Office App Encryption Analytics Customer Relationship Management IT Solutions Lithium-ion Battery Facebook Windows 8 Cloud Computing Antivirus Paperless Office Document Management Humor Saving Time Employer-Employee Relationship Productivity Applications IT Support Avoiding Downtime Maintenance Collaboration Two-factor Authentication Hard Drives Phishing Bandwidth Marketing Excel IT service Chrome Business Growth Wi-Fi Digital Payment Mobile Device Customer Service VPN Website Hacking Risk Management Apps Application Computers Virus Managed IT Services Fax Server Phone System Outlook Health Compliance Automation Cybersecurity Office Tips Retail Money Proactive IT Running Cable Computer Repair Licensing Inbound Marketing Data Security Mouse Net Neutrality Social Unified Communications Infrastructure File Sharing PowerPoint Office 365 Social Networking Password Training Tablet Government Managed Service Presentation iPhone User Error Co-Managed IT Budget Project Management Administration Augmented Reality Regulations Recovery Analyitcs Mobility Smart Technology Mobile Security Education Sports Safety Specifications IoT Scam Settings Flexibility Hosted Solution Point of Sale Cost Management Wireless Data storage Company Culture Twitter Tip of the week Cybercrime Save Time Robot IBM Hiring/Firing Printing End of Support LiFi Wearable Technology Computing Statistics Display Alerts Competition Vulnerability Network Congestion Help Desk eWaste Downtime Data loss Blockchain HIPAA Intranet BDR Search Business Intelligence Redundancy Virtual Desktop USB Business Owner Recycling Files Hacker Internet Exlporer User Programming Piracy Storage IP Address Google Drive Online Currency Connectivity Network Management How To Enterprise Content Management Disaster WPA3 Networking Computer Accessories Migration Private Cloud Downloads Refrigeration Cryptocurrency Google Docs Distributed Denial of Service Windows 10 Hotspot Vulnerabilities Digital Signature Fleet Tracking Chatbots Public Cloud Multi-Factor Security Bitcoin Memory Star Wars Scheduling Software Tips Managed IT Service Language Laptop communications Geography Asset Tracking Touchscreen Identity Sync Google Calendar Hacks Documents Utility Computing Break Fix Server Management Computing Infrastructure Halloween Techology Entrepreneur High-Speed Internet OneNote Mobile Device Managment Legislation Undo 5G PDF People Healthcare Dark Web Cooperation Scary Stories Virtual Reality Disaster Resistance Development Employee-Employer Relationship Motherboard Monitors Conferencing Hard Drive Data Warehousing Patch Management Staff SaaS IT Consulting Deep Learning Cables Remote Workers Modem Macro G Suite PC Care Software as a Service Domains Google Wallet Fun Writing Value Cache Microsoft Excel eBay Operations Chromebook Data Breach Word Wires Information Remote Support Cookies Travel Leadership Technology Tips Public Speaking Drones Cortana Social Engineering Buisness Skype Streaming Media Management New Additions Gaming Console Virtual Private Network Text Messaging Technology Laws Identities Print Server Work Station Nanotechnology Comparison Backups Knowledge Environment CIO LinkedIn Enterprise Resource Planning How To Congratulations Permissions Law Firm IT MSP Video Surveillance IT Technicians Telephony Unified Threat Management Solid State Drive Windows 8.1 Update Samsung Screen Reader Identity Theft Black Friday Legal Assessment Fraud Experience Troubleshooting Best Available Debate Mobile Proactive Mirgation Access Control Heating/Cooling Alt Codes Consumers Crowdfunding Smart Tech Cyber Monday IT Management YouTube Managing Stress Adminstration Bluetooth Remote Monitoring and Management 3D Business Technology Machine Learning SharePoint Typing

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code