New IE hole exploited in attacks on U.S. firms

Discussion in 'other security issues & news' started by JohnnyDollar, Jan 15, 2010.

Thread Status:
Not open for further replies.
  1. JohnnyDollar

    JohnnyDollar Guest

    JohnnyDollar, Jan 15, 2010
    #1
  2. wat0114

    wat0114 Guest

    From the article:

    Social engineering tactics seem to be a common denominator in these exploits. Another case where common sense will prevail.

    ...and if that fails:

    ...a default deny policy should provide ample backup.
     
    wat0114, Jan 15, 2010
    #2
  3. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    The social engineering wouldn't have worked if these attackers had not found a 0-day flaw in IE. But, I do agree with you that this seems like an inside job, and is probably the reason google is threatening to leave China. I would wager some of Google's Chinese employees were involved.
     
    chronomatic, Jan 15, 2010
    #3
  4. wat0114

    wat0114 Guest

    To be honest, it never occured to me as an inside job, but your theory could be right. It just seems like a lesson to be learned; do not carelessly click on links and don't run as administrator, allowing unsolicited executables to launch. It looks again like another case where antivirus is a half-arssed security solution.
     
    wat0114, Jan 15, 2010
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...