HEAT Security Blog

Patch Tuesday Still Alive and Well – And Offering Something for Everyone

Despite the launch of Windows 10 and all the talk about mandatory updates, today is still Patch Tuesday. And this month, everyone should pay attention. Microsoft shared a vulnerability smorgasbord today – offering a little something for everyone. From office and browser applications to desktops and servers, Microsoft covered them all with 14 bulletins.


The Pwnie Awards – 2015 Edition

On August 5th Black Hat participants gathered at the Mandalay Bay for the 2015 annual presentation of The Pwnie Awards. The Pwnie Awards began in 2007 and have honored the most magnificent achievements and failures of the information security industry ever since. The winners aren’t [yet] posted on the official pwnies website.


Windows 10 – Cause for Confusion

As of August 1, ComputerWorld reported Windows 10 global usage had climbed to 2.5%. Not too shabby for the OS that was launched just three days earlier on July 29. Those numbers easily beat early adoption rates for Windows 8.1, but I wonder how those users are faring? A quick read of headlines shows a lot of headaches ranging from overall privacy concerns to unwanted update files being delivered to networked machines still running Windows 7 or 8.1.


Survey Shows Disconnects in Mindshare, Budget, Time

Black Hat USA 2015 is underway in Las Vegas. The Black Hat conferences are an opportunity for IT Security professionals to learn new techniques and vulnerabilities from each other. They also provide ethical hackers a platform from which they can demonstrate the seriousness of the security flaws they find most important.

This year no fewer than 32 new zero-day vulnerabilities are scheduled to be announced.


Ransomware – Now for Websites

Over the last several weeks I’ve written about ransomware primarily as it relates to individual machines or mobile devices. There is another very sneaky variant of ransomware which you should be aware of. It’s specifically crafted to hold websites hostage. It’s called RansomWeb. Its methodology is slow and diabolical, and I believe it’s out there silently working on websites today.


Critical Out-of-Band Patch from Microsoft – Update Now!

No sooner have you digested the latest Patch Tuesday releases than you’re hit by a relatively rare out-of-band patch from Microsoft. As Russ said in his post, it’s definitely a crazy month!

This emergency patch corrects a remote code execution (RCE) vulnerability found in all supported versions of Windows – including the soon-to-be released Windows 10.


How Do You Protect Your Systems From Ransomware?

In my previous two posts, How Does Ransomware Work? Part 1 and Part 2, I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work.


R.I.P. Windows Server 2003

As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready:

  • 50% of organizations started 2015 with no migration plan – or were unaware that support was ending.
  • 1/3 of organizations hope to complete their migrations sometime after the end-of-support date – stretching out to 2016 – while another 1/3 were unsure when they will complete the migration.


Adobe Overshadows ‘Last’ Microsoft Patch Tuesday

In the last Patch Tuesday before users may upgrade their Windows operating systems to Windows 10 on July 29 and subsequently enlist a changed patching process, we have 14 updates to deal with from Microsoft that address 59 total vulnerabilities. Equally important, however, are the three 0-days in Adobe Flash Player and an impending 193 new fixes from Oracle,


How Does Ransomware Work? Part 2

In part 1 I outlined how ransomware gets on your system in the first place. We saw that it operates in much the same manner as other malware: It needs a delivery system, a vulnerability to exploit, a payload to install, and a way to establish communications with a command & control (C&C) server.
