Bishop Fox – Page 2 – WindowsTechs.com

Is your perimeter inventory leaving you exposed? Why it’s time to switch from IP to DNS

Posted on May 22, 2019 by Help Net Security

Historically, security teams and tools have used IP addresses to define their targets and scopes. But in a world where applications and networks are increasingly cloud-hosted or integrated with third-party services, IP addresses alone aren’t enough to … Continue reading Is your perimeter inventory leaving you exposed? Why it’s time to switch from IP to DNS→

Bishop Fox raises $25 million to grow its research capabilities and security testing services

Posted on February 27, 2019 by Industry News

Bishop Fox, the largest private professional services firm focused on offensive security testing, announced that it closed $25 million in Series A funding from ForgePoint Capital. The funding will allow Bishop Fox to grow its research capabilities and … Continue reading Bishop Fox raises $25 million to grow its research capabilities and security testing services→

Drones emerge as new dimension in cyberwar

Posted on February 5, 2018 by Patrick Howell O'Neill

It sounds a little bit sci-fi, but make no mistake: The next front in cyberwar is literally above your head. Military technology companies from around the world are rushing to design, build and sell drones that hack and track, while others want to own the business of hacking of the drones themselves. The burgeoning market is foreshadowing battles that could play out in the skies and, for some companies, bring significant profits. It’s an immature set of technologies — lots of marketing, precious few finished products — but there is a growing appetite for them. “This market is about to blow up,” said Francis Brown, a partner at the cybersecurity consultancy Bishop Fox. “Everybody’s trying to grab market share. The next year or two is going to decide who will become Pepsi and Coke out of all these products.” As an act of research, as opposed to selling a product, Brown and Bishop Fox […]

The post Drones emerge as new dimension in cyberwar appeared first on Cyberscoop.

Continue reading Drones emerge as new dimension in cyberwar→

October Patch Tuesday: 61 bugs and one zero-day fixed

Posted on October 11, 2017 by Zeljka Zorz

For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The memory corruption zero-day vulnerability in Microsoft Office (CVE-2017-11826) is reported to be actively exploited in the wild. “An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control … More → Continue reading October Patch Tuesday: 61 bugs and one zero-day fixed→

Microsoft’s October Patch Batch Fixes 62 Flaws

Posted on October 11, 2017 by BrianKrebs

Microsoft on Tuesday released software updates to fix at least 62 security vulnerabilities in Windows, Office and other software. Two of those flaws were detailed publicly before yesterday’s patches were released, and one of them is already being exploited in active attacks, so attackers already have a head start. Continue reading Microsoft’s October Patch Batch Fixes 62 Flaws→

Bugs in Windows DNS client open millions of users to attack

Posted on October 11, 2017 by Zeljka Zorz

In this month’s Patch Tuesday, Microsoft has included fixes for multiple critical memory corruption vulnerabilities in the Windows DNS client, which could be exploited by attackers to gain access to the target’s system. About the vulnerabilities The vulnerabilities, collectively identified as CVE-2017-11779, were discovered by Bishop Fox researcher Nick Freeman, and there is no indication that they have been exploited in attacks in the wild. They are present in Windows 8 through Windows 10, and … More → Continue reading Bugs in Windows DNS client open millions of users to attack→

Critical Windows DNS vulnerability gives hackers the ‘keys to the kingdom’

Posted on October 10, 2017 by Patrick Howell O'Neill

A critical vulnerability affecting millions of Windows users allows an attacker to potentially insert malicious payloads, execute arbitrary code with the permission of an application like a web browser or any software that uses DNS, and take complete control over a target computer or server. The vulnerability, discovered by researcher Nick Freeman at cybersecurity firm Bishop Fox, impacts the DNS client in Windows 8 and Windows 10, as well as Windows Server 2012 through 2016. A huge range of software conducts DNS requests for everything from web browsing to streaming media. Stepping in the middle of a target and DNS server, an attacker can respond to a request with malicious data to trigger the vulnerability. Microsoft published a fix in the October 2017 instance of Patch Tuesday, the monthly round of software updates pushed out by the tech giant. There is no indication that the vulnerability has been exploited in the wild. […]

The post Critical Windows DNS vulnerability gives hackers the ‘keys to the kingdom’ appeared first on Cyberscoop.

Continue reading Critical Windows DNS vulnerability gives hackers the ‘keys to the kingdom’→

Microsoft Patches Critical Windows DNS Client Vulnerabilities

Posted on October 10, 2017 by Michael Mimoso

Microsoft patched three memory corruption vulnerabilities in the Windows DNS client that could be abused by a man-in-the-middle attacker to run arbitrary code. Continue reading Microsoft Patches Critical Windows DNS Client Vulnerabilities→

Inside the Latest Apple iMessage Bug

Posted on April 12, 2016 by Michael Mimoso

Researchers from Bishop Fox and Uber found a frighteningly simple way to spread trouble through Apple iMessage. Continue reading Inside the Latest Apple iMessage Bug→