Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security The Military

IE Zero-Day Exploit Used In Attack Targeting Military Intelligence 58

Posted by samzenpus from the protect-ya-neck dept.
wiredmikey writes "Security researchers from FireEye have discovered a new IE 10 Zero-Day exploit (CVE-2014-0322) being used in a watering hole attack on the US Veterans of Foreign Wars' website. According to FireEye, attackers compromised the VFW website and added an iframe to the site's HTML code that loads the attacker's page in the background. When the malicious code is loaded in the browser, it runs a Flash object that orchestrates the remainder of the exploit. Dubbed 'Operation SnowMan' by FireEye, the attack targets IE 10 with Adobe Flash. According to a recently-released report from CrowdStrike Strategic Web Compromises (SWC), where attackers infect strategic Websites as part of a watering hole attack to target a specific group of users, were a favorite attack method for groups operating out of Russia and China. FireEye believes the attackers behind the campaign, thought to be operating out of China, are associated with two previously identified campaigns: Operation DeputyDog and Operation Ephemeral Hydra. 'A possible objective in the SnowMan attack is targeting military service members to steal military intelligence,' FireEye said."
This discussion has been archived. No new comments can be posted.

IE Zero-Day Exploit Used In Attack Targeting Military Intelligence More

IE Zero-Day Exploit Used In Attack Targeting Military Intelligence

Comments Filter:

  • They use IE (Score:2, Insightful)

    by Anonymous Coward on Friday February 14, 2014 @04:14AM (#46243775)

    And without anykind of Flash blocker? God they're even more stupid than I originally theorized.

  • Sigh (Score:4, Insightful)

    by ledow ( 319597 ) on Friday February 14, 2014 @04:25AM (#46243805) Homepage

    If military intelligence are using IE 10 with Flash enabled, they really need to drop the last half of their name.

  • Re: Its not soup yet (Score:5, Insightful)

    by icebike ( 68054 ) on Friday February 14, 2014 @05:11AM (#46243919)

    IE, as of about version 9, is on par with other major browsers in terms of security. It only gets more publicity because, let's face it, it's IE, and still the most widely used browser.

    It depends on who you ask.

    http://gs.statcounter.com/ [statcounter.com] shows Chrome clearly in the lead.
    http://www.w3counter.com/globa... [w3counter.com] also shows chrome leading.
    Wikimedia says Chrome leads http://stats.wikimedia.org/wik... [wikimedia.org]

    Just because its common doesn't mean its used. And you don't see these stories about Firefox or Chrome, at least not many. And given the market share that Chrome enjoys you would expect to see many more stories.

    You've fallen for the old Microsoft lie:
    They insist We are attacked because we are popular.
    The real story is they are attacked because they are easy targets.

     

  • VFW? (Score:4, Insightful)

    by smittyoneeach ( 243267 ) * on Friday February 14, 2014 @05:54AM (#46244009) Homepage Journal
    Dude, the VFW is substantially a drinking club for old warhorses.
    TFA is akin to saying the Commies infiltrated DFW [dfwairport.com] to score information on the U.S. Air Force.
    YHBT. HAND.

  • Intelligence? (Score:1, Insightful)

    by Zero__Kelvin ( 151819 ) on Friday February 14, 2014 @08:27AM (#46244347) Homepage
    They use IE and then wonder why we say "Military Intelligence" is an oxymoron?

  • Re:Its not soup yet (Score:2, Insightful)

    by Anonymous Coward on Friday February 14, 2014 @12:02PM (#46246469)

    This exploit relies on TWO concurrent vectors: 1) You must be running and using IE10 (which has already been superseded by IE11, which is immune to this attack) and 2) You must have Adobe Flash installed.

    BOTH of these conditions are necessary for this attack to work. Anyone who has kept their updates up (and therefore has IE11), doesn't use Flash or has installed the EMET (http://technet.microsoft.com/en-us/security/jj653751 [microsoft.com]) is immune to this attack which is, obviously, actually just ANOTHER Flash-based vulnerability! and yet you limit your spurious attacks to (an outdated version of) Internet Explorer (*surprise*) ...

    Clearly the same ole /. FUD factory continues spouting it's age-old hypocrisy...

    -AC

Slashdot Top Deals

I tell them to turn to the study of mathematics, for it is only there that they might escape the lusts of the flesh. -- Thomas Mann, "The Magic Mountain"

Close