Tag: exploit

Time to Patch: BlueKeep Exploit Is Now Up For Sale

Time to Patch: BlueKeep Exploit Is Now Up For Sale

Information Security, IT Support
Time to Patch: BlueKeep Exploit Is Now Up For Sale A U.S. company has recently made available, for a fee, a BlueKeep Exploit, that takes advantage of a security vulnerability in the Remote Desktop Protocol (RDP) service included in older versions of the Windows operating system. While the commercial availability of this BlueKeep exploit gives legitimate cybersecurity professionals a tool to detect exposed RDP-enabled systems, it also gives malicious actors an opportunity to pirate or legitimately buy this tool for malicious activities. What Is BlueKeep? BlueKeep, officially known as CVE-2019-0708, is a vulnerability in the Remote Desktop Protocol (RDP) service included in Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows 2003 and Windows XP. Remote Desktop Protocol, commonly referred to as RDP, is a proprietary protocol developed by…
Read More
Software Updates: Gateway for Supply Chain Attacks

Software Updates: Gateway for Supply Chain Attacks

Information Security, IT Support, Security
Software Updates: Gateway for Supply Chain Attacks The confirmation by Taiwan-based tech giant ASUS that its software update was hijacked by cybercriminals to install malicious software (malware) on its customers’ notebook computers highlights the threat of supply chain attacks via software updates. A supply chain attack attempts to exploit the security vulnerability in a third-party service or software to compromise a final target. Hijacked software update is one of the most common forms of supply chain attack. Last March 26, ASUS, ranked by Gartner as the world's 5th-largest PC vendor in the 3rd quarter of 2018, asked its notebook computer customers to install the latest software update (version 3.6.8) after acknowledging that ASUS Live Update, a pre-installed software in ASUS notebook computers to ensure that the system always benefits from…
Read More

Tag: exploit

Time to Patch: BlueKeep Exploit Is Now Up For Sale

Time to Patch: BlueKeep Exploit Is Now Up For Sale

Information Security, IT Support
Time to Patch: BlueKeep Exploit Is Now Up For Sale A U.S. company has recently made available, for a fee, a BlueKeep Exploit, that takes advantage of a security vulnerability in the Remote Desktop Protocol (RDP) service included in older versions of the Windows operating system. While the commercial availability of this BlueKeep exploit gives legitimate cybersecurity professionals a tool to detect exposed RDP-enabled systems, it also gives malicious actors an opportunity to pirate or legitimately buy this tool for malicious activities. What Is BlueKeep? BlueKeep, officially known as CVE-2019-0708, is a vulnerability in the Remote Desktop Protocol (RDP) service included in Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows 2003 and Windows XP. Remote Desktop Protocol, commonly referred to as RDP, is a proprietary protocol developed by…
Read More
Software Updates: Gateway for Supply Chain Attacks

Software Updates: Gateway for Supply Chain Attacks

Information Security, IT Support, Security
Software Updates: Gateway for Supply Chain Attacks The confirmation by Taiwan-based tech giant ASUS that its software update was hijacked by cybercriminals to install malicious software (malware) on its customers’ notebook computers highlights the threat of supply chain attacks via software updates. A supply chain attack attempts to exploit the security vulnerability in a third-party service or software to compromise a final target. Hijacked software update is one of the most common forms of supply chain attack. Last March 26, ASUS, ranked by Gartner as the world's 5th-largest PC vendor in the 3rd quarter of 2018, asked its notebook computer customers to install the latest software update (version 3.6.8) after acknowledging that ASUS Live Update, a pre-installed software in ASUS notebook computers to ensure that the system always benefits from…
Read More