Today’s global ransomware attack is spreading via EternalBlue and through local networks using PSEXEC and WMIC.
Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
Google Project Zero’s Tavis Ormandy found another remote code execution vulnerability in the Microsoft Malware Protection Engine, the third since early May.
NSA Advocates Data Sharing Framework
Fighting attackers needs a new approach that leverages a public-private data sharing framework, enabling immediate and collective responses.
Threatpost News Wrap, June 23, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab’s latest report, WannaCry hitting Honda, GhostHook, and Fireball.
Siemens Patches Vulnerabilities in SIMATIC CP, XHQ
Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week
GhostHook Attack Bypasses Windows 10 PatchGuard
Researchers at CyberArk have developed a bypass for Windows PatchGuard that leverages Intel’s Processor Trace (Intel PT) technology to execute code at the kernel.
Drupal Patches Three Vulnerabilities in Core Engine
Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday.
Average Cost of Breach Goes Down For the First Time Ever
The good news is the cost of a data breach is down double-digits, the bad news the size and scope of breaches is creeping up.
Cisco Patches XXE, DOS, Code Execution Vulnerabilities
Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution.
Avaya Patches Remote Code Execution Flaw in Aura
Avaya released a patch last week for a remote code execution vulnerability in its Avaya Aura Application Enablement Services software.