Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Central Technology Solutions at 1-844-237-4300.

Medical IT: How Is HITECH Doing?
Password Protection Policies Keep Businesses Safe
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, February 18 2019

Captcha Image

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Technology Best Practices Cloud Business Computing Email Privacy Malware Hosted Solutions Hackers Internet IT Services Network Security Productivity Data Productivity Software Managed IT Services Outsourced IT Data Backup IT Support Business Mobile Devices Innovation Ransomware Computer Tech Term Hardware Data Recovery Microsoft Backup Small Business Google Cloud Computing Internet of Things Efficiency Managed Service Provider Smartphone Business Continuity Remote Monitoring Data Management Social Media Paperless Office Windows 10 User Tips Smartphones Android Disaster Recovery Browser Encryption Managed IT IT Support Upgrade Communication Business Management Artificial Intelligence VoIP BYOD Phishing Windows Save Money Collaboration Facebook Workplace Tips Cybersecurity Risk Management Windows 10 Holiday Mobile Device Management App Mobile Device Robot Employer-Employee Relationship Applications Saving Money Server Bring Your Own Device Bandwidth BDR Vendor Management Apps Recovery Office 365 Passwords Gmail Managed IT Services Government Wi-Fi Unified Threat Management communications Document Management Firewall Network Compliance Chrome Telephone Systems Infrastructure SaaS Money Vulnerability Data storage Hosted Solution Going Green Website Information Wireless Automation Virtualization Password Content Filtering IT Management Tip of the week Scam Healthcare Big Data Antivirus Project Management Work/Life Balance Social Miscellaneous Unified Communications Customer Relationship Management Regulations Computing Data loss Office IT Service Data Security Managed Service Training Two-factor Authentication Microsoft Office Router Computers Storage File Sharing Printing Tablet Files Analytics Remote Computing Blockchain Help Desk Customer Service Quick Tips Apple Politics Virtual Reality Digital Payment Twitter Hacker VPN Management Patch Management Remote Monitoring and Management Websites Users Identity Theft Licensing Spam Wireless Technology Legal WiFi End of Support YouTube Health Virtual Private Network Remote Workers Downtime Network Management Software as a Service The Internet of Things Monitors Assessment Business Technology Administration Alert Server Management Budget Electronic Medical Records How To IoT Information Technology Smart Technology LiFi Maintenance Machine Learning Mobility Education Uninterrupted Power Supply Operating System How To IT solutions Samsung Mouse Employees Outlook Company Culture Flexibility Word Google Drive Internet Exlporer Chromebook HIPAA Sports Settings Avoiding Downtime Redundancy Business Growth Access Control Private Cloud Mobile Security Tech Support Upgrades Mobile Computing Heating/Cooling IT Consulting Drones Enterprise Content Management Finance Break Fix Social Networking Point of Sale Computer Repair Backups Employee-Employer Relationship SharePoint Staff Deep Learning Black Friday Roanoke — Central Technology Solutions Physical Security WannaCry Solid State Drive PowerPoint Theft Unified Threat Management Hotspot Retail Cortana Time Management Networking Cost Management E-Commerce Mirgation Sync 3D Printing Hacking Wires Human Error Fraud Screen Reader Telephony Display Current Events Augmented Reality Public Cloud Processors Servers Data Breach Alt Codes Vulnerabilities Authentication Dark Web Motherboard Law Enforcement Connectivity Downloads Enterprise Resource Planning Bookmarks Cyber Monday technology services provider Office Tips Travel Cryptocurrency Professional Services WPA3 Financial User Error Language Botnet Hard Drive Features Migration Mobile Device Managment Unsupported Software Software Tips Virus Disaster Trending Security Cameras Permission Smart Tech Update Operations Automobile Computer Care Technology Laws Typing Geography Authorization Data Warehousing Gadget Mail Merge Hacks Touchscreen Techology Best Practice Mobile Favorites Technology Assurance Group ’s 18 VoIP Sponsor Bitcoin Virtual Assistant Fleet Tracking Procurement Computing Infrastructure Social Engineering USB Cache Electronic Health Records Technology Tips Chatbots Mobile Data Remote Worker Test Net Neutrality GPS Virtual Desktop Consultation Lenovo Multi-Factor Security Wearable Technology Statistics High-Speed Internet Microsoft Excel Modem Address Star Wars Monitoring Disaster Resistance Conferencing Distributed Denial of Service Annual Convention Crowdsourcing Dark Data Meetings Personal Information Digital Obstacle Windows 8 Save Time Wasting Time Asset Tracking Printer Alerts Safety Supercomputer Recycling Cyberattacks Comparison Identity G Suite History Search Identities ROI MSP RMM Tracking Superfish Consulting Google Calendar Google Maps Notifications Bluetooth Development Zero-Day Threat Cookies Taxes Utility Computing IT Budget Black Market Proactive IT Google Wallet Managing Stress Instant Messaging Managed IT Service San Diego Spyware Course OneNote Cooperation Marketing eWaste Read Only Specifications Buisness Cabling Shortcut Hard Drives Google Docs Notes Proactive Tech Terms Gadgets Writing Emoji Managed Services Provider Legislation IT Technicians Cables Backup and Disaster Recovery Permissions Nanotechnology Network Congestion Firefox Humor Error Printers Cybercrime Emergency Web Server CrashOverride Cameras Motion Sickness Regulation Administrator CCTV Relocation Webcam Hard Disk Drive IT Consultant