New Microsoft IE Zero-day attack
It was brought to our attention by this thorough Eric Romang article that a new zero-day exploit (an exploit actively used by cybercriminals in the wild) targets a bug in Microsoft’s Internet Explorer (IE) 7 & 8, and with some help from Java, it could be also exploited on IE 9, as confirmed by the Metasploit firm. At this time, as there is yet no patch from Microsoft, what can you do?
Microsoft released a security advisory and a blog post promising a quick fix in a few days, and suggesting that IE users download and install EMET. While we’re not particularly fond of some 'security' recommendations like removing Java or turning off Flash, this one has some merit. Really, if you can, do the switch, because you can only gain. Firefox and Chrome are more modern and much safer browsers for everyday browsing. There are more voices advocating this change – for example, Google announced they'll drop IE 8 compatibility soon, and a German cybersecurity agency also recommends that users switch to something safer.
Still, about a third of our user base is using IE, and more than half of them are running the vulnerable version – or all of them are, if we assume the hackers will incorporate the Metasploit functionality for exploiting IE 9. As of now, IE 10 is still in beta, but it's not vulnerable to this exploit.
If you keep your avast! updated, we protect you against this threat – you’re surfing safely. We detect it as JS:Fload-A/B. But we still recommend that you to review your updating policy – because such a large number of you being vulnerable due to your choice of web browser is a frightening number.
While investigating sites infected by this exploit we've found some very interesting details, so stay tuned for more interesting stuff.
Our Aposemat Team has been testing the capabilities of IPv6 and how malware could take advantage of it. One of the topics explored was exfiltration of data via the IPv6 protocol, which we discuss in this post.
Popular banking services, including PayPal, Revolut and Venmo, allow users to request money from others with a few easy steps. Although simple, this functionality could increase the likelihood of related spearphishing attacks.