Michael Mimoso – Page 20 – WindowsTechs.com

Malware Network Communication Provides Better Early Warning Signal

Posted on May 24, 2017 by Michael Mimoso

An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware than infections than current practices. Continue reading Malware Network Communication Provides Better Early Warning Signal→

Yahoo Retires ImageMagick After Bugs Leak Server Memory

Posted on May 23, 2017 by Michael Mimoso

Researcher Chris Evans reported a new bug and showed how also used a previously known flaw in ImageMagick to leak Yahoo server data and steal images and authentication secrets. Continue reading Yahoo Retires ImageMagick After Bugs Leak Server Memory→

Verizon Patches XSS Issues in its Messaging Client

Posted on May 22, 2017 by Michael Mimoso

Verizon patched late last year persistent- DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user’s session. Continue reading Verizon Patches XSS Issues in its Messaging Client→

EternalRocks Worm Spreads Seven NSA SMB Exploits

Posted on May 22, 2017 by Michael Mimoso

A worm called EternalRocks has been spreading seven Windows SMB exploits leaked by the ShadowBrokers, including EternalBlue, which was used to spread WannaCry. Continue reading EternalRocks Worm Spreads Seven NSA SMB Exploits→

EternalRocks Worm Spreads Seven NSA SMB Exploits

Posted on May 22, 2017 by Michael Mimoso

Available Tools Making Dent in WannaCry Encryption

Posted on May 19, 2017 by Michael Mimoso

Tools are beginning to emerge that can be used to begin the process of recovering files encrypted by WannaCry on some Windows systems. Continue reading Available Tools Making Dent in WannaCry Encryption→

PATCH Act Calls for VEP Review Board

Posted on May 18, 2017 by Michael Mimoso

The PATCH Act proposes the formation of a review board that would formalize and make transparent the processes by which the government determines whether it will use or disclose a zero-day vulnerability. Continue reading PATCH Act Calls for VEP Review Board→

Next NSA Exploit Payload Could be Much Worse Than WannaCry

Posted on May 17, 2017 by Michael Mimoso

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware. Continue reading Next NSA Exploit Payload Could be Much Worse Than WannaCry→

WannaCry Shares Code with Lazarus APT Samples

Posted on May 16, 2017 by Michael Mimoso

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT. Continue reading WannaCry Shares Code with Lazarus APT Samples→

ShadowBrokers Planning Monthly Exploit, Data Dump Service

Posted on May 16, 2017 by Michael Mimoso

The latest rant from the ShadowBrokers ends with news of a subscription service starting in June that will leak exploits and stolen data to paying customers. Continue reading ShadowBrokers Planning Monthly Exploit, Data Dump Service→