Top Federal Lab Hacked in Spear-Phishing Attack | Threat Level | Wired.com
Zacharia called the attack against the lab “sophisticated” and compared it to so-called “advanced persistent threat” attacks that hit security firm RSA last month and Google last year.
The attacker used an Internet Explorer zero-day vulnerability that Microsoft patched on April 12 to breach the lab’s network. The vulnerability, described as a critical remote-code execution vulnerability, allows an attacker to install malware on a user’s machine if he or she visits a malicious web site.
