Elderwood Project

(get it in RSS or Atom)

Internet Explorer zero-day exploit found on more websites. Fingers point towards Elderwood Project

Internet Explorer zero-day exploit found on more websites. Fingers point towards Elderwood Project

SophosLabs, has uncovered two new sites which have been hit by the recently discovered Internet Explorer zero-day vulnerability - a community seeking independence from China, and an Iranian oil firm's website.

Zero day vulnerability in Internet Explorer being used in targeted attacks, FixIt now available

Microsoft releases fix for Internet Explorer security hole, full patch coming Friday

Microsoft has released an advisory on a new zero day attack against users of Internet Explorer. While a Fixit is available it may be best to avoid using IE for awhile.

Jobs website of major hotel chain serving malware, linked to other attacks

reception-thumb

The jobs website of a major international hotel chain is silently serving up malware to visitors.

And curiously, the security breach appears to be connected to other recent high profile attacks. Paul Baccas of SophosLabs looks deeper.

European aeronautical supplier's website infected with "state-sponsored" zero-day exploit

European aeronautical supplier's website infected with "state-sponsored" zero-day exploit

In what has all the hallmarks of a state-sponsored attack, the website of a European aeronautical parts supplier had been hacked, and had a zero-day Microsoft security vulnerability planted upon it.

Danger! Unpatched Microsoft security vulnerability being actively exploited

Danger! Unpatched Microsoft security vulnerability being actively exploited

Although security software can protect against this vulnerability, let's hope that Microsoft can release a proper patch against it - it's being actively exploited in the wild.