[FSec] Targeted zero-day attack on CFR site

It looks like some people used the day after Christmas for mischief rather than relaxation. According to a report from FreeBeacon, the website of the US foreign policy group Council on Foreign Relations (CFR) was compromised on 26 December 2012.

Judging from the exploit HTML file apparently used in the attack, users in specific countries were being targeted, based on the language settings of the browser used to visit the compromised site. Targeted languages are as follows:

- Chinese (Taiwan)
- Chinese (PRC)
- English
- Japanese
- Russian
- Korean

The compromised site itself was reportedly cleaned shortly after the attack was detected. However, we expect the exploit to become more widely used in other online attacks now that it has been added to the Metasploit framework.

The exploit affects versions 8 and lower of the Internet Explorer browser, so users running an affected version are advised to either upgrade to version 9 or 10, or switch to another browser.

In the meantime, Microsoft has released a security advisory providing additional details and a workaround for affected users.
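To find clients still running the affected Internet Explorer versions (8 and lower), a defender can scan proxy or web-server logs for their User-Agent strings. The following is an added example, not code from the original post; the log format (client IP followed by a quoted User-Agent) and the sample lines are constructed assumptions. It uses the Trident engine token to recover the real browser version, since IE 9 in Compatibility View announces itself as MSIE 7.0.

```python
import re

# Constructed sample log lines (client IP, quoted User-Agent); not real data.
SAMPLE_LOG = """\
10.0.0.11 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
10.0.0.12 "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
10.0.0.13 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/5.0)"
10.0.0.14 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
10.0.0.15 "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
10.0.0.16 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0)"
"""

LINE_RE = re.compile(r'^(\S+) "([^"]*)"$')   # assumed log layout
MSIE_RE = re.compile(r"MSIE (\d+)\.")
TRIDENT_RE = re.compile(r"Trident/(\d+)\.")


def real_ie_version(user_agent):
    """Return the actual IE major version, or None if the UA is not IE."""
    msie = MSIE_RE.search(user_agent)
    if msie is None:
        return None
    trident = TRIDENT_RE.search(user_agent)
    if trident:
        # IE 8 and later add a Trident token that survives Compatibility
        # View: Trident/4.0 = IE 8, Trident/5.0 = IE 9, Trident/6.0 = IE 10.
        return int(trident.group(1)) + 4
    # IE 7 and older send no Trident token; the MSIE number is the version.
    return int(msie.group(1))


def affected_clients(log_text, max_affected=8):
    """Map client IP -> real IE version for clients at or below max_affected."""
    hits = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip lines that do not fit the assumed layout
        ip, user_agent = match.groups()
        version = real_ie_version(user_agent)
        if version is not None and version <= max_affected:
            hits[ip] = version
    return hits


if __name__ == "__main__":
    for ip, version in sorted(affected_clients(SAMPLE_LOG).items()):
        print(f"{ip}: Internet Explorer {version} (affected)")
```

User-Agent strings are client-supplied, so treat the result as a starting inventory to confirm against endpoint data.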


Post — Wayne
On 02/01/13 At 01:03 AM
