“Operation Aurora” Leading to Other Threats
Friday January 15, 2010 at 6:02 pm CST
Posted by Craig Schmugar
Operation Aurora has received a lot of attention over the past couple of days. To recap, Google, Adobe, and many other companies were attacked with code exploiting a zero-day vulnerability in Internet Explorer. Since the announcement of this vulnerability (CVE-2010-0249), exploit code has been made public and already revised into a more usable form.
History tells us that when exploit code targeting an unpatched vulnerability in popular software is release; a slew of attackers are ready, willing, and able to capitalize. What started out as a sophisticated targeted attack is likely to lead to large-scale attacks on vulnerable Microsoft Internet Explorer users. This often takes the form of drive-by download sites serving malware to unsuspecting users, lured by links spammed in email, social networking sites, blogs, and poisoned search engine results.
For more information on this vulnerability, the Operation Aurora attack, and ways to protect your environment see:
More Details on “Operation Aurora”
January 16th, 2010 at 23:44
[...] Comments Trackback In my last post I mentioned that the “Operation Aurora” exploit code was public and that we could [...]
January 17th, 2010 at 10:48
[...] are already starting to see the bad guys mobilize their efforts to take advantage of the earthquake in Haiti. Our research teams have noted an increase in search engine scams and malicious sites are starting [...]