During the last few years we have seen an increase on the number of malicious actors using tricks and browser vulnerabilities to enumerate the software that is running on the victim’s system using Internet Explorer. In this blog post we will describe some of the techniques that attackers are using to perform reconnaisance that gives them information for future attacks. We have also seen these techniques being used to decide whether or not they exploit the victim based on detected Antivirus, versions of potential vulnerable software or the presence of certain security features such as Enhanced Mitigation Experience Toolkit EMET. - See more at: http://www.alienvault.com/open-threat-exchange/blog/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi/#sthash.zURDYNSO.dpuf
↧