Just patched Internet Explorer bug being exploited in watering hole attack

Doug OlenickAugust 21, 2015

A Hong Kong-based website has been compromised to serve up Korplug malware through a recently patched Internet Explorer (IE) vulnerability.

Symantec's Security Response blog said the Evangelical Church of Hong Kong website was modified to host a malicious iFrame that redirected visitors to another site hosting an exploit for CVE-2015-2502.

CVE-2015-2502 is a memory corruption vulnerability that affects IE 7 through IE 11 and can enable remote code execution. Microsoft deemed the bug critical in severity and issued a patch on Tuesday.

Korplug, also known as PlugX, is a trojan that maintains a backdoor on an infected computer and can allow the attacker to gain the same user rights as the actual user.

Symantec said the patch is effective and will protect any system that have it installed.

Doug Olenick

Vulnerability Management

‘MadMxShell’ leverages Google Ads to deploy malware via Windows backdoor

Steve ZurierApril 18, 2024

Security pros say using Windows backdoor in a malvertising campaign could expose companies to other malware attacks.

Network Security

DDoS attacks spike in first quarter

SC StaffApril 17, 2024

Fifty percent more distributed denial-of-service attacks have been launched by threat actors during the first quarter of 2024 over the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.

Close up the triple-lens camera on the iPhone 13 Pro Max Seirra Blue and Graphite Color on white background.

Application security

Updated LightSpy spyware targeted at South Asia

SC StaffApril 17, 2024

Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news