BADLOCK – Are ‘Branded’ Exploits Going Too Far?

So there’s been hype about this big exploit coming, for over a month, before anything was released. It had a name, a website and a logo – and it was called Badlock. And now it’s out, and it’s more like Sadlock – really a local network DoS against DCE/RPC services on Windows and Linux with […]

The post BADLOCK – Are…

Read the full post at darknet.org.uk

Continue reading BADLOCK – Are ‘Branded’ Exploits Going Too Far?

‘Badlock’ Bug Tops Microsoft Patch Batch

Microsoft released fixes on Tuesday to plug critical security holes in Windows and other software. The company issued 13 patches to tackle dozens of vulnerabilities, including a much-hyped “Badlock” file-sharing bug that appears ripe for exploitation. Also, Adobe updated its Flash Player release to address at least two-dozen flaws — in addition to the zero-day vulnerability Adobe patched last week. Continue reading ‘Badlock’ Bug Tops Microsoft Patch Batch

Microsoft patches Badlock, but doesn’t call it critical

Microsoft just released several security bulletins, with six marked as critical and seven categorized as important. The biggest surprise (or disguise) came in the patch marked only as important titled “Security Update for SAM and LSAD Remote Protocols” – this refers to the vulnerability more commonly known as Badlock. As it turns out Badlock was not directly part of an exploit in Server Message Block (SMB) as original anticipated but rather part of Microsoft authentication … More Continue reading Microsoft patches Badlock, but doesn’t call it critical

Badlock Vulnerability Clues Few and Far Between

Admins have to hold their breath for two more weeks on the Badlock vulnerability. Which will come first: the patch, or a public exploit? Continue reading Badlock Vulnerability Clues Few and Far Between

Threatpost News Wrap, March 25, 2016

Mike Mimoso and Chris Brook recap the week in news, including how the FBI vacated Tuesday’s Apple hearing, a crypto iMessage bug that was patched, and the latest hospital to be hit by the ransomware Locky. The two also preview Badlock and what implicat… Continue reading Threatpost News Wrap, March 25, 2016