Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

View employment practice trends

Today's Workplace

Waiting To Replace That Old Software? Consider Making It A Priority

A nation state launches a cyberattack using a vulnerability in an old software. What lessons can your organization learn from this incident? We explore.

Continue reading

How Nation States Are Using A Sixteenth Century Ruse To Commit Cyberattacks

Startling findings suggest nation states are primarily responsible for malware, outpacing criminal gangs. We look at how they are using 16th century techniques to do it.

Continue reading

Employee/Customer Data On Black Market Triggers Federal And State Laws

A foreign executive is accused of selling the data of 31 million customers on the black market. What laws does the U.S. have regarding the sale of personal data? We examine.

Continue reading

Waiting To Replace That Old Software? Consider Making It A Priority

March 13, 2025

A large-scale cyberattack by the North Korean hacking group ScarCruft (also known as APT37 or RedEyes) occurred in May 2024. They exploited a zero-day vulnerability in Internet Explorer, tracked as CVE-2024-38178, to infect targets with the RokRAT malware. Despite Internet Explorer being officially retired, its components still exist in Windows and third-party software, making it a target for hackers.

ScarCruft compromised a South Korean online advertising agency's server to push malicious "Toast ads" on free software used by many South Koreans. These ads included a malicious iframe that triggered remote code execution via the Internet Explorer flaw. The RokRAT malware exfiltrated files, performed keylogging, monitored clipboard changes, and captured screenshots.

Microsoft patched the vulnerability in August 2024.

Source: https://www.bleepingcomputer.com/news/security/malicious-ads-exploited-internet-explorer-zero-day-to-drop-malware/

Commentary

The North Koreans targeted South Koreans, but the article provides important lessons to all organizations, no matter location, about using software that is outdated or unsupported. 

  • Unsupported software no longer receives security updates, making it vulnerable to new exploits and attacks. In this case, the Internet Explorer vulnerability allowed hackers to execute remote code and spread malware.
  • Operational Inefficiencies: Unsupported software may not be compatible with newer systems and applications, leading to operational inefficiencies, increased maintenance costs and security lapses
  • As seen in the above source, outdated software can be a gateway for cyber-espionage and data breaches, compromising sensitive information.

The final takeaway is that organizations should prioritize regular software updates and consider transitioning to supported and secure alternatives to outdated software to mitigate security risks.

Finally, your opinion is important to us. Please complete the opinion survey:

This site uses essential/technical cookies to function. Cookies allow us to provide the best experience possible and must be enabled to use this site properly. By continuing to use this site, you agree to our use of cookies. Please see our Privacy Policy or How to Enable Cookies for more information.

An error has occurred. We have been notified and are working to resolve the problem. Please return to the front page and try this action again later.

Error!

An Error has ocurred on this site.

The error has been reported to our programmers and we are working to correct it. We generally get errors fixed overnight, so please feel free to try this action again tomorrow.