crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Integrated Business Technologies at (918) 770-8738.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 22 October 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Managed Service Provider Business Management Cloud Internet Business Computing Microsoft Best Practices Saving Money Productivity Workplace Tips IT Services Hosted Solutions Hackers Backup Email Malware Business Software Mobile Devices Data IT Support Hardware Small Business Network Communication Server Smartphones Computer VoIP Upgrade Business Continuity Google Windows Efficiency Disaster Recovery Mobile Device Management Innovation Virtualization Microsoft Office Data Backup Tech Term Outsourced IT Miscellaneous Mobile Office Vendor Management Holiday Gadgets Social Media BYOD User Tips Network Security Quick Tips Passwords Browser Mobile Computing Android Smartphone Productivity Internet of Things Managed IT services WiFi Bring Your Own Device Windows 10 Remote Monitoring Data Recovery The Internet of Things Ransomware Best Practice Spam Wireless Technology Alert Data Management Save Money Trending Operating System Apple Users Remote Computing Artificial Intelligence Office Collaboration Going Green Encryption Firewall Content Filtering Customer Relationship Management History Unified Threat Management Gmail Router Big Data Printer Tech Support Analytics IT Support IT Solutions Lithium-ion Battery Facebook Information Technology Current Events IT Consultant App Cloud Computing Managed IT Windows 8 Employer-Employee Relationship Website Applications Humor Two-factor Authentication Saving Time Avoiding Downtime Antivirus Phishing Maintenance Document Management Hard Drives Mobile Device Paperless Office Marketing Customer Service Hacking Excel Computers Phone System Government Managed IT Services Compliance Apps Automation Application Office Tips Virus Retail Bandwidth Project Management Fax Server Cybersecurity IT service Digital Payment Chrome Outlook Health VPN Business Growth Risk Management Wi-Fi Tablet Data Security Office 365 Inbound Marketing iPhone Password Healthcare Infrastructure Administration Augmented Reality Presentation Budget Managed Service Proactive IT Training Computer Repair Regulations Point of Sale Mouse Files Recovery Money Help Desk Net Neutrality Running Cable Social User Error Licensing Co-Managed IT File Sharing PowerPoint Social Networking Unified Communications End of Support LiFi Tip of the week Computing Statistics Scam Intranet Competition Business Intelligence Network Congestion Recycling eWaste Downtime Remote Workers Search Vulnerability Virtual Desktop USB Piracy Business Owner Information Data loss Blockchain HIPAA Sports BDR Hacker User Programming Redundancy Company Culture Analyitcs Twitter Education Machine Learning Specifications Safety Settings Flexibility Hosted Solution IBM Internet Exlporer Storage Cost Management Mobility Smart Technology Wireless Data storage Cybercrime Save Time Mobile Security Wearable Technology Conferencing IoT Robot Hiring/Firing Windows 10 Alerts Printing Display PDF Value People Star Wars Software Tips Managed IT Service 5G Scary Stories Virtual Reality Geography eBay Language Remote Support Identity Electronic Health Records Leadership Mobile Device Managment Google Calendar Asset Tracking Skype Streaming Media Utility Computing New Additions Break Fix Monitors SaaS Techology Deep Learning Print Server High-Speed Internet Text Messaging Server Management Computing Infrastructure OneNote Work Station Cyberattacks Legislation Domains Google Wallet LinkedIn Scheduling Congratulations Dark Web Fun Writing Cooperation Chromebook Disaster Resistance Word Law Firm IT Development Video Surveillance Employee-Employer Relationship Motherboard Read Only G Suite Public Speaking Drones Windows 8.1 Update Social Engineering Best Available Buisness Hard Drive Data Warehousing Cortana Patch Management Staff IT Consulting Identities Cables Modem Bookmarks Travel Software as a Service Backups Knowledge Environment CIO Cache Microsoft Excel Operations Politics Data Breach Solid State Drive Bluetooth Wires Online Currency Samsung Cookies Favorites Meetings Technology Tips Legal Experience Troubleshooting Debate Management Computer Accessories Virtual Private Network Telephony Technology Laws Heating/Cooling Alt Codes Consumers Monitoring Crowdfunding Nanotechnology Instant Messaging Macro Comparison YouTube Enterprise Resource Planning How To Permissions IT Technicians Unified Threat Management Typing MSP Screen Reader Identity Theft Black Friday IP Address Google Drive How To Mobile Assessment Fraud Gaming Console Touchscreen Mirgation Consulting Access Control Refrigeration Cryptocurrency Disaster Proactive Smart Tech Cyber Monday Google Docs Managing Stress IT Management Business Technology Managed Services Provider Private Cloud SharePoint Bitcoin Digital Signature Remote Monitoring and Management Memory Connectivity Laptop communications Enterprise Content Management Network Management Migration E-Commerce Public Cloud Downloads Hacks WPA3 Documents Distributed Denial of Service Halloween Networking Entrepreneur Vulnerabilities Adminstration Hotspot 3D Chatbots Features PC Care Sync Multi-Factor Security Undo Fleet Tracking

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code