 Zero-day impacting all versions of computer, used in opportunistic "flash" attacks often taking place after work hours, and exploiting the gullibility of corporate employees, leaving many exposed. Tuesday, October 14, 2014 In close collaboration with important technology vendors, iHype Security announced the discovery of a zero-day attack campaign affecting computers, which have grown popular among companies and non-sports people. Vendors are releasing patches in a unified effort to prevent accidental exposure, with a coordinated release taking place at 09:00AM EDT. Exploitation of TrouserSnake has devastated thousands, affecting social networks and the reputations of their members. Though not as widely spread as ButterClam or other campaigns, the deep impact of TouserSnake is expected to be felt by a number of organizations. Visible Attack "Visibility into this campaign has given iHype a unique view into the methods of operation being being employed in the wild." said Charl Atan, a representative from iHype, "and since we started our tracking, we've been able to pinpoint several places that TrouserSnake has reared its nasty head."  RelevantPress was able to get in touch with renowned security expert @SecureTips, a consultant known for selflessly recommending solutions and best-practice behaviors for high-profile clients. "The thing is, most users have to unzip an untrusted package to expose themselves. This isn't an attack so much as a social-engineering effort [and] the window of exposure is often small," said Tips, "Users need to be wary, and consider all the unexpected places where this could pop up." The current recommendation being given by Tips and others is to apply patches and be cautious of any unexpected behaviors, particularly in isolated settings. Expect updates and follow-ups as details unravel in what will surely be a long, drawn-out security nightmare. Copyright RelevantPress, 2014. |