#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Internet explorer zero-day vulnerability | Breaking Cybersecurity News | The Hacker News

How to Detect IE Zero-day Exploit Used to Deploy Korplug Malware

How to Detect IE Zero-day Exploit Used to Deploy Korplug Malware

Sep 17, 2015
Recently, Microsoft issued an Emergency patch for a zero-day vulnerability in Internet Explorer that is being exploited to deploy Korplug malware on vulnerable PCs. Korplug , a known variant of PlugX , is a Trojan that creates a backdoor used for information stealing on infected computers. In one of the most publicized cases, an evangelical church in Hong Kong was compromised to deliver the malware. Attackers were able to breach the church's website and inject a malicious iFrame overlay designed to look like the site itself. The iFrame was then used to redirect visitors to a site hosting the IE exploit . Once users land on the website, they are served a java.html which installs Korplug on their computers. To defend against Korplug, system administrators, and security engineers should educate users of corporate assets about these types of hacking techniques. In many cases, organizations are breached because of the lack of internal education around how to ident
Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw

Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw

Aug 19, 2015
It's time to immediately patch your Internet Explorer – Once again! Microsoft has issued an emergency out-of-band patch for all supported versions of Internet Explorer browser, to fix a critical security flaw that hackers are actively exploiting to hijack control of targeted computers. The Zero-Day flaw (assigned CVE-2015-2502 ) is a Remote Code Execution vulnerability that could be exploited when a user visits a booby-trapped website or open a malicious email on an affected machine. The security bug actually resides in the way Internet Explorer handles objects in memory. If successfully exploited, a hacker could gain the same user privileges as the current user. Therefore, users running administrator accounts on their machines as well as systems where IE is frequently used, like workstations or terminal servers, are particularly at the most risk from this vulnerability. Critical Zero-Day Vulnerability "An attacker who successfully exploited th
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer

Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer

Jul 24, 2015
How many Zero-Days do you think could hit Microsoft today? Neither one nor two; this times its Four. The Hewlett-Packard's Zero-Day Initiative (ZDI) has disclosed four new zero-day vulnerabilities in Microsoft's Internet Explorer browser that could be exploited to remotely execute malicious code on victim's machine. All the four zero-days originally were reported to Microsoft, affecting Internet Explorer on the desktop. However, later it was discovered that the zero-day vulnerabilities affected Internet Explorer Mobile on Windows Phones as well. Each of the four zero-day flaws affects different components of the browser, and all are remotely exploitable through typical drive-by attacks. Four Zero-day vulnerabilities Disclosed by ZDI Here are the zero-day vulnerabilities, as reported by ZDI: ZDI-15-359: AddRow Out-Of-Bounds Memory Access Vulnerability ZDI-15-360: Use-After-Free Remote Code Execution Vulnerability ZDI-15-361: Use-After-Free Rem
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Exploit-Selling Firm Kept Internet Explorer Zero-Day Vulnerability Hidden for 3 Years

Exploit-Selling Firm Kept Internet Explorer Zero-Day Vulnerability Hidden for 3 Years

Jul 24, 2014
A French information security company VUPEN has recently disclosed that it held onto a serious Internet Explorer (IE) vulnerability for at least three years before revealing it at the Pwn2Own hacker competition held in March this year. The critical zero-day vulnerability affected versions 8, 9, 10 and 11 of Internet Explorer browser that allowed attackers to remotely bypass the IE Protected Mode sandbox. An attacker can exploit this issue to gain elevated privileges. VULNERABILITY DISCLOSURE TIMELINE According to a disclosure made by the security company last week, the vulnerability with ID  CVE-2014-2777  was discovered by the company on 12 February 2011, which was  patched by Microsoft  last month. 12 February 2011 - IE Zero-day discovered by Vupen. 13 March 2014 - Vupen reported to Microsoft. 11 June 2014 - Microsoft Released patch and publicly released the advisory . Sandbox is security mechanism used to run an application in a restricted environment. If an attacker is ab
Microsoft Patches Internet Explorer Zero-Day Vulnerability, Even for Windows XP

Microsoft Patches Internet Explorer Zero-Day Vulnerability, Even for Windows XP

May 01, 2014
Microsoft had publicized widely its plans to stop supporting oldest and widely used Operating system, Windows XP after 8th April this year, which means Microsoft would no longer issue security patches for XP. A few days back, we reported about a new critical Zero-day vulnerability in all versions of Microsoft's browser Internet Explorer, starting with IE version 6 and including IE version 11. According to the advisory (CVE-2014-1776), All versions of Internet Explorer are vulnerable to Remote Code Execution flaw, which resides ' in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated ,' Microsoft confirmed . An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. FIRST PATCH FOR WINDOWS XP, EVEN AFTER EXPIRATION DATE Internet Explorer vulnerability poses a special concern for people still using Windows XP , but can Microsoft really ignore inno
New Zero-Day Vulnerability CVE-2014-1776 Affects all Versions of Internet Explorer Browser

New Zero-Day Vulnerability CVE-2014-1776 Affects all Versions of Internet Explorer Browser

Apr 27, 2014
Microsoft confirmed a new Zero Day critical vulnerability in its browser Internet Explorer . Flaw affects all versions of Internet Explorer, starting with IE version 6 and including IE version 11. In a Security Advisory ( 2963983 ) released yesterday, Microsoft acknowledges a zero-day Internet Explorer vulnerability ( CVE-2014-177 6) is being used in targeted attacks by APT groups, but the currently active attack campaigns are targeting IE9, IE10 and IE11. INTERNET EXPLORER 0-DAY VULNERABILITY (CVE-2014-1776) According to Advisory, Internet Explorer is vulnerable to Remote Code Execution, which resides ' in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. ' Microsoft said. Microsoft Investigation team is currently working with FireEye Security experts, and dubbed the ongoing targeted campaign as " Operation Clandestine Fox ". In a blogpost , FireEye explained that an attacker c
Cybersecurity Resources