Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Endpoint Protection
View Only
Community Home
Threads
Library
Events
Members
Back to Library
New Internet Explorer Zero-Day Used In Watering Hole Attack
1
Recommend
Dec 29, 2012 07:27 PM
A L Johnson
We have received multiple reports of a new Internet Explorer zero-day vulnerability being exploited in the wild. Initial reports indicate that the website used in these attacks belong to a U.S. based think-tank organization. The site was believed to be compromised and used to serve up the zero day exploit as part of a watering hole style attacks as far back as December 21st.
A flash file named
today.swf
was used to trigger the vulnerability in Internet Explorer. The flash file is detected as
Trojan.Swifi
and protection has been in place for our customers since December 21st. Further details and analysis will be provided soon.
We have carried out in-depth research into watering hole style attacks dating back to 2009. That research and analysis is contained in a paper named
The Elderwood Project
, which we published in September 2012.
Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads
Tags and Keywords
Related Entries and Links
No Related Resource entered.
Copyright 2019. All rights reserved.
Powered by Higher Logic