Three new attacks using IE zero-day exploit
Attackers are continuing to pile on a critical Internet Explorer zero day that remains unpatched two weeks after it was reported.
During the last two weeks, it appears that at least three separate targeted attack campaigns have been using the same bug previously used by Operation Deputy Dog, a campaign that wound up compromising Japanese media outlets and tech systems in the middle of September.
Researchers at FireEye initially discovered the DeputyDog campaign – which leveraged the CVE-2013-3893 vulnerability – a little over a week ago. Now word comes that three other, unconnected campaigns, Taidoor, th3bug and Web2Crew are also using the same exploit.