BlueKeep – everyone agrees, you should patch PCs running legacy versions of Windows

I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world.
Prove me… Continue reading BlueKeep – everyone agrees, you should patch PCs running legacy versions of Windows

This Week in Security: Nvidia, Ransomware Retirement, and a TOCTOU Bug in Docker

Nvidia’s GeForce Experience (GFE) is the companion application for the Nvidia drivers, keeping said drivers up to date, as well as adding features around live streaming and media capture. The application runs as two parts, a GUI, and a system service, using an HTTP API to communicate. [David Yesland] from …read more

Continue reading This Week in Security: Nvidia, Ransomware Retirement, and a TOCTOU Bug in Docker

Is disabling Remote Desktop Services sufficient to protect a Windows device from the BlueKeep vulnerability?

Microsoft (and the NSA) have been urging Windows users and administrators to install patches to protect systems from the BlueKeep (CVE-2019-0708) vulnerability.

Is disabling Remote Desktop Services sufficient to protect any … Continue reading Is disabling Remote Desktop Services sufficient to protect a Windows device from the BlueKeep vulnerability?

Smashing Security #131: Zap yourself from the net, and patch now against BlueKeep

Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after your murder your podcast co-host?
All this and much more is discussed in the latest edition of the award-winning &#… Continue reading Smashing Security #131: Zap yourself from the net, and patch now against BlueKeep

BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover

A working exploit for the critical remote code-execution flaw shows how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds. Continue reading BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover

Cyber Security Roundup for May 2019

May 2019 was the busiest month of the year for critical security vulnerabilities and patch announcements. The standout was a Microsoft critical security update for Windows, rated with a CVSS score of 9.8 of 10. This vulnerability fixes CVE-20… Continue reading Cyber Security Roundup for May 2019

Gatekeeper, WannaCry, and BlueKeep- Paul’s Security Weekly #606

    In the security news, giving you the latest on thousands of infected servers from a cryptojacking campaign, an open letter to the GCHQ calling out spy agencies, and a new vulnerability that makes you WannaCry! Paul’s Stories Redditor can stay… Continue reading Gatekeeper, WannaCry, and BlueKeep- Paul’s Security Weekly #606