Despite the launch of Windows 10 and all the talk about mandatory updates, today is still Patch Tuesday. And this month, everyone should pay attention. Microsoft shared a vulnerability smorgasbord today – offering a little something for everyone. From office and browser applications to desktops and servers, Microsoft covered them all with 14 bulletins.
On August 5th Black Hat participants gathered at the Mandalay Bay for the 2015 annual presentation of The Pwnie Awards. The Pwnie Awards began in 2007 and have honored the most magnificent achievements and failures of the information security industry ever since. The winners aren’t [yet] posted on the official pwnies website.
As of August 1, ComputerWorld reported Windows 10 global usage had climbed to 2.5%. Not too shabby for the OS that was launched just three days earlier on July 29. Those numbers easily beat early adoption rates for Windows 8.1, but I wonder how those users are faring? A quick read of headlines shows a lot of headaches ranging from overall privacy concerns to unwanted update files being delivered to networked machines still running Windows 7 or 8.1.
If you needed any more convincing as to just how big a deal the recently discovered Stagefright vulnerability is on Android devices, just take a look at how Google and Samsung are responding.
Black Hat USA 2015 is underway in Las Vegas. The Black Hat conferences are an opportunity for IT Security professionals to learn new techniques and vulnerabilities from each other. They also provide ethical hackers a platform from which they can demonstrate the seriousness of the security flaws they find most important.
This year no fewer than 32 new zero-day vulnerabilities are scheduled to be announced.
A researcher has found a serious Android vulnerability that requires no interaction at all by the user to hijack their device. In fact, the vulnerability could allow a hacker to infect your mobile phone, while you’re fast asleep.
Over the last several weeks I’ve written about ransomware primarily as it relates to individual machines or mobile devices. There is another very sneaky variant of ransomware which you should be aware of. It’s specifically crafted to hold websites hostage. It’s called RansomWeb. Its methodology is slow and diabolical, and I believe it’s out there silently working on websites today.
No sooner have you digested the latest Patch Tuesday releases than you’re hit by a relatively rare out-of-band patch from Microsoft. As Russ said in his post, it’s definitely a crazy month!
This emergency patch corrects a remote code execution (RCE) vulnerability found in all supported versions of Windows – including the soon-to-be released Windows 10.
In my previous two posts, How Does Ransomware Work? Part 1 and Part 2, I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work.
With every day that passes, more details of the activities of controversial spyware firm Hacking Team come to light, aided by the release of 400 GB of documents, source code and email archives from the hacked firm.
As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready:
- 50% of organizations started 2015 with no migration plan – or were unaware that support was ending.
- 1/3 of organizations hope to complete their migrations sometime after the end-of-support date – stretching out to 2016 – while another 1/3 were unsure when they will complete the migration.
In the last Patch Tuesday before users may upgrade their Windows operating systems to Windows 10 on July 29 and subsequently enlist a changed patching process, we have 14 updates to deal with from Microsoft that address 59 total vulnerabilities. Equally important, however, are the three 0-days in Adobe Flash Player and an impending 193 new fixes from Oracle,
In part 1 I outlined how ransomware gets on your system in the first place. We saw that it operates in much the same manner as other malware: It needs a delivery system, a vulnerability to exploit, a payload to install, and a way to establish communications with a command & control (C&C) server.
Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.