crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Integrated Business Technologies at (918) 770-8738.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 20 June 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Business Management Managed Service Provider Cloud Internet Microsoft Saving Money Business Computing Best Practices Productivity Workplace Tips IT Services Hosted Solutions Hackers Backup Email Malware Mobile Devices Software Business IT Support Small Business Hardware Network Data Server Smartphones Communication Upgrade Windows Business Continuity VoIP Mobile Device Management Virtualization Efficiency Microsoft Office Disaster Recovery Computer Google Mobile Office Vendor Management Miscellaneous Innovation Gadgets Holiday Social Media Outsourced IT Mobile Computing Smartphone Quick Tips Android Passwords BYOD User Tips Network Security Windows 10 WiFi Data Backup Browser Managed IT services Ransomware The Internet of Things Best Practice Bring Your Own Device Spam Remote Monitoring Internet of Things Trending Operating System Apple Users Tech Term Remote Computing Wireless Technology Data Management Alert Save Money Firewall Gmail Content Filtering Data Recovery Artificial Intelligence History Going Green IT Solutions Current Events Information Technology Lithium-ion Battery Encryption IT Consultant App Customer Relationship Management Unified Threat Management Managed IT Big Data Office Printer Tech Support Analytics Facebook Avoiding Downtime Cloud Computing Maintenance Antivirus Hard Drives Document Management Employer-Employee Relationship Applications Paperless Office Windows 8 Router Humor Saving Time Apps Phishing Application Compliance Virus IT service Chrome Business Growth Fax Server Outlook Health Website Customer Service Digital Payment Hacking Mobile Device Computers VPN Risk Management Managed IT Services Marketing Excel Collaboration Two-factor Authentication Automation Office Tips Phone System Retail Cybersecurity Administration Money Augmented Reality Running Cable Training Data Security Licensing Regulations Proactive IT Computer Repair Wi-Fi Mouse User Error Bandwidth Co-Managed IT Net Neutrality Social Infrastructure Office 365 Password PowerPoint Unified Communications Social Networking Tablet Presentation Inbound Marketing Budget Project Management Government iPhone Recovery Mobile Security Analyitcs Files Education Mobility Safety Piracy Specifications Settings Cost Management Sports Tip of the week Wireless Help Desk Cybercrime Save Time Point of Sale Company Culture Twitter Hiring/Firing Flexibility Hosted Solution IBM Data storage Statistics Robot File Sharing Wearable Technology Vulnerability Competition Network Congestion Productivity Printing End of Support Display HIPAA Alerts eWaste LiFi Downtime Computing Scam Data loss Redundancy Search USB Virtual Desktop Business Owner Intranet Business Intelligence Hacker Internet Exlporer Recycling User Programming Smart Technology Network Management IP Address CIO Enterprise Content Management Networking Migration Downloads Solid State Drive Legal Disaster IoT Refrigeration Distributed Denial of Service Bluetooth Windows 10 Macro Hotspot Online Currency Chatbots Machine Learning Multi-Factor Security Alt Codes Digital Signature Star Wars Managed IT Service Language Computer Accessories YouTube Memory Techology Laptop Identity Private Cloud Google Calendar Typing Break Fix Google Drive Gaming Console Utility Computing Software Tips Server Management Computing Infrastructure How To Documents Disaster Resistance Halloween Public Cloud Entrepreneur Legislation Cryptocurrency Dark Web Google Docs Healthcare Undo 5G Cooperation Touchscreen PDF People IT Consulting Scary Stories Motherboard Sync Bitcoin Data Warehousing Hard Drive Patch Management Staff communications Adminstration Modem Mobile Device Managment Software as a Service Hacks Domains Microsoft Excel 3D Cache IT Support Fun Operations Data Breach Cookies Conferencing Word Technology Tips Public Speaking Blockchain Management Virtual Private Network Cortana Virtual Reality Technology Laws PC Care Nanotechnology Value Travel Comparison Permissions eBay Monitors Enterprise Resource Planning Scheduling Knowledge IT Technicians Remote Support SaaS Environment Unified Threat Management Leadership Deep Learning Google Wallet Skype Screen Reader Streaming Media BDR Black Friday New Additions Assessment Fraud Text Messaging Writing Samsung Mobile Print Server Experience Mirgation Work Station Troubleshooting Access Control Debate Drones LinkedIn Smart Tech Identity Theft Heating/Cooling Cyber Monday Congratulations IT Management Video Surveillance Social Engineering Consumers Buisness Crowdfunding Managing Stress Law Firm IT Windows 8.1 Update Business Technology Storage Telephony SharePoint Identities Backups Best Available Connectivity

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code