Watering Hole Attack Claims US Department of Labor Website

Discussion in 'malware problems & news' started by TheKid7, May 1, 2013.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Watering Hole Attack Claims US Department of Labor Website:
    http://threatpost.com/watering-hole-attack-claims-us-department-of-labor-website/
     
  2. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
  3. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Zero Day Exploit In IE 8 Targets Nuclear Weapons Researchers

    "Attackers exploited a previously unknown and currently unpatched security bug in Microsoft's Internet Explorer browser to surreptitiously install malware on the computers of federal government workers involved in nuclear weapons research, researchers said Friday.

    The attack code appears to have exploited a zero-day vulnerability in IE version 8 when running on Windows XP, researchers from security firm Invincea said in a blog post. The researchers have received reports that IE running on Windows 7 is susceptible to the same exploit but have not been able to independently confirm that. Versions 6 and 7 of the Microsoft browser don't appear to be vulnerable. The blog post didn't mention the status of IE 9 or 10."


    http://arstechnica.com/security/201...-exploit-targets-nuclear-weapons-researchers/


    Another reason, if one was really needed, to keep updated software.
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Re: Zero Day Exploit In IE 8 Targets Nuclear Weapons Researchers

    IE6 not vulnerable :D Used to love it, & if it had ALL the plugins available for it as FF does, i might be still using it :p
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Re: Zero Day Exploit In IE 8 Targets Nuclear Weapons Researchers

    Color me shocked, you and your love for ancient software. Upgrading to Vista and IE7 soon I guess? ;)
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Re: Zero Day Exploit In IE 8 Targets Nuclear Weapons Researchers

    From the executive summary:
     
  8. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
  9. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,091
    Microsoft admits zero-day bug in IE8, pledges patch

     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    http://arstechnica.com/security/201...attacks-on-us-nuke-workers-hit-9-other-sites/
     
  11. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,936
    Location:
    U.S.A.
  12. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Brian is always on the ball. Though I don't know if this is sanctioned by MS - it would certainly behove those that are concerned with the standing exploit on IE 8.

    Thanks for this JR.

    • Poster note: due to thread merge: all social bookmarks became broken, Facebook, Twitter, etc - Takes a bit of effort to fix those. Just sayin'.

     
  13. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
  14. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  15. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    See also:
    Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution: May 8, 2013
    http://support.microsoft.com/kb/2847140
    Note that the Fix It and the above MS KB contain the same Fix - or workaround until Microsoft releases a full patch, I suspect via Windows Update.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
Loading...
Thread Status:
Not open for further replies.