Microsoft Warns of Windows Zero-Day Exploitation

Information Security, IT Support
Microsoft has revealed that it’s aware of ongoing targeted cyberattacks exploiting two zero-day vulnerabilities found in the Windows Adobe Type Manager Library and impacting all supported versions of Windows.

What Is Zero-Day?

Zero-day is a security vulnerability in software that’s known to the software vendor but for which the vendor doesn’t have a security update, also known as a patch, to fix it. If a zero-day vulnerability is known by malicious actors, it has the potential to be exploited.

According to Microsoft, two zero-day remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially crafted multi-master font (Adobe Type 1 PostScript format). Successful exploitation of this collective vulnerability in Windows Adobe Type Manager…
Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows

Information Security, IT Support
Microsoft is advising Windows users, including users of modern versions of Windows, to apply the recently released security update, as this latest update fixes 2 wormable vulnerabilities.

What Is Wormable Vulnerability?

A wormable vulnerability is a security vulnerability that future malicious software (malware) could exploit to spread from vulnerable computer to vulnerable computer without user interaction, replicating itself in order to reach other computers.

CVE-2019-1181 and CVE-2019-1182 are the 2 wormable vulnerabilities that Microsoft fixed in its latest update. Both security vulnerabilities, CVE-2019-1181 and CVE-2019-1182, allow an attacker to send a specially crafted request to the target Windows systems via Remote Desktop Protocol (RDP) – a proprietary protocol developed by Microsoft, allowing a user to connect…
More than Half of Cyberattacks Exploit Tools that Already Exist on Targeted Computers, Study Shows

Information Security, IT Support, Security
A study conducted by IBM showed that more than half of cyberattacks exploit common administration tools or tools that already exist on targeted computers. IBM’s 2019 X-Force Threat Intelligence Index showed that more than half, or 57%, of cyberattacks leveraged common administration tools, in the process evading detection, maintaining persistence and achieving their objectives.

Living Off the Land

The phrase “living off the land” is the term used for cyberattacks that leverage tools that already exist on targeted computers. This type of cyberattack blends in with common administration work, making detection more difficult. According to IBM, one of the common administration tools that’s often used by cyberattackers is PowerShell.

What Is PowerShell?

PowerShell is a…
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

Information Security, Servers
Servers are the core of every organization’s I.T. operations. Many organizations, however, leave this core component open to cyberattacks through SMBv1.

What Is SMBv1?

SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers and other resources on a network. SMBv2, which stands for Server Message Block version 2, was introduced in Windows Vista and Windows Server 2008. SMBv3 was introduced in Windows 8 and Windows Server 2012. In 2014, Microsoft publicly regarded SMBv1 as obsolete and best avoided. SMBv1 isn’t installed by default in the…
Race to Patch Known Cybersecurity Vulnerabilities

Information Security, Security
More than a month after Microsoft rolled out its April 30, 2018 update on Windows 10, the company said nearly 250 million, or one-third, of the nearly 700 million computers using Windows 10 have applied this update. This Microsoft data shows that nearly 450 million, or two-thirds, of machines using Windows 10 as their operating system (OS) haven’t applied the April 2018 patch.

Prevalence of Delayed Patching

A patch is a piece of code that’s inserted (or patched) into an existing software program. It’s meant to improve performance or usability, or to fix known cybersecurity vulnerabilities. It’s a known fact that many organizations don’t patch immediately. Researchers at Rendition revealed that more than a month after Microsoft released its March 2017 update, over 148,000 machines hadn’t…