Collaborate Disseminate
Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to an… Continue reading Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability — Install It ASAP!
Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMB… Continue reading Warning — Unpatched Critical ‘Wormable’ Windows SMBv3 Flaw Disclosed
The US-CERT has released a joint technical alert from the DHS and the FBI, warning about two newly identified malware being used by the prolific North Korean APT hacking group known as Hidden Cobra.
Hidden Cobra, often known as Lazarus Group and Guard… Continue reading FBI issues alert over two new malware linked to Hidden Cobra hackers
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report.
The Microsoft Outlook vuln… Continue reading Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
A new widespread ransomware worm, known as “Bad Rabbit,” that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims’ networks.
Earl… Continue reading Bad Rabbit Ransomware Uses Leaked ‘EternalRomance’ NSA Exploit to Spread
One of the most devastating aspects of the recent WannaCry ransomware attack was its self-propagating capability exploiting a vulnerability in the file access protocol, SMB v1.
Most enterprises defences are externally-facing, focused on stopping incom… Continue reading IPS as a Service Blocks WannaCry Spread Across the WAN
Although the wave of WannaCry and Petya ransomware has now been slowed down, money-motivated hackers and cyber criminals have taken lessons from the global outbreaks to make their malware more powerful.
Security researchers have now discovered at leas… Continue reading WannaCry Inspires Banking Trojan to Add Self-Spreading Ability
The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update.
The SMBv1 is one of the internet’s most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to
Continue reading Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)
Now that researchers have built a port of EternalBlue to Windows 10, they’ve probably only now caught up to what the NSA has had for a long while. Continue reading Windows 10 Mitigations Make Future EternalBlue Attacks Difficult
Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins. Continue reading WannaCry Development Errors Enable File Recovery