IE Zero-Day Served by DeputyDog Cybercriminals from US Veterans of Foreign Wars Site

posted Mar 11, 2014, 10:21 PM by Unknown user   [ updated Mar 11, 2014, 10:35 PM ]

February 14, Softpedia – (International) IE zero-day served by DeputyDog cybercriminals from US Veterans of Foreign Wars site.

Researchers at FireEye identified a cyberattack campaign dubbed SnowMan utilizing a zero-day vulnerability affecting Internet Explorer (IE) 9 and IE 10 being served from the U.S. Veterans of Foreign Wars Web site.

The researchers believe the same group behind the DeputyDog and Ephemeral Hydra campaigns is also responsible for SnowMan and may be targeting military personnel. [MS has confirmed “limited, targeted attacks,” so until a patch is made available, this is just another case study for the proactive whitelisting approach.]