News that an Internet Explorer zero-day vulnerability was being and has been for quite some time been used in a new "watering hole" attack has livened the otherwise uneventful last week of 2012.
The exploited website was that of the Council on Foreign Relations, an organization, publisher, and think tank specializing in U.S. foreign policy and international affairs, among whose members are a number of high-profile U.S. government and political figures such as former secretary of state Madeleine Albright, former treasury secretary Robert Rubin, and many others.
A newly-discovered, severe security flaw in fully patched versions of Internet Explorer allows attackers to steal user credentials or to conduct phishing attacks through any website.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=XSS