Cybercriminals continuously discover more ways to successfully target new outlets for financial theft, according to Trend Micro.
Even though the data gathered by Microsoft points to the fact that cybercriminals now prefer deceptive tactics to exploits, it does not mean that the latter approach has been wholly abandoned.
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability research team has decided to share some more details about the exploit.
Late on Saturday, Microsoft has published a security advisory warning about "limited, targeted attacks" exploiting a newly discovered zero day vulnerability that affects all supported versions of Internet Explorer (6 to 11).
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in "limited, targeted attacks directed at Microsoft Word 2010." The vulnerability affects all supported version of Word.