There exists another vulnerability (of sorts) within Microsoft Word that is actively being exploited for espionage and surveillance purposes. What is happening is that a Unicode reference to the INCLUDEPICTURE field can include a hyperlink to an external image or file, like a PHP script on a remote server. This is an OLE2 (Object Linking […]
VMware Exploited Again: Update Now
Jared Hall General, Internet Security No Comments
On Friday, 9/15/2017, VMware released patches for the ESXi Server, Workstation, and Fusion (Apple) hypervisors. The most serious issue, an out-of-bounds write vulnerability, exists in ESXi, and desktop hypervisors Workstation, and Fusion. An attacker could exploit the issue, which exists in a SVGA device, to execute code on the host O/S. This affects ESXi version […]
WordPress 4.8.2: Update Now.
Jared Hall WordPress No Comments
A new WordPress version, 4.8.2, has been released. As this contains security fixes, all WordPress sites should be updated immediately. The update includes a fix to $wpdb->prepare() to help protect against SQLi injection attacks. WordPress core is not vulnerable to SQLi injection attacks directly, but certain plugins and themes may be vulnerable depending on how […]
Top Attacking Countries: August 2017
Jared Hall General No Comments
The top three countries countries continue to be Russia, United States, and Ukraine. The US has moved into the top spot. China moved up two notches to #4. July 2017’s report can be found here.
Microsoft’s 9/2017 Patch Tuesday
Jared Hall Microsoft Windows No Comments
Microsoft’s September 2017 Patch Tuesday is a real humdinger, even exceeding August’s Patch Tuesday; encompassing 259 security patches covering 82 vulnerabilities. Windows 7: 22 vulnerabilities of which three are rated critical, 19 important Windows 8.1: 26 vulnerabilities of which four are rated critical, 22 important Windows 10 version 1703: 25 vulnerabilities of which two are […]
Equifax Hacked
Jared Hall General No Comments
Holy crap, Batman! Yes, the company of last resort to protect your identity has just coughed it up. This breach included the Social Security Numbers of 143 Million Americans, a little less that half of the US population. Equifax reports that over 209,000 credit card numbers were stolen, along with identifying information (PCI) for 182,000 […]
The Insecurity of Journalism
Jared Hall Internet Security, Spy vs. Spy No Comments
Bruce Schneier had an interesting post last week on how insecure journalists are. It turned out to be quite an animated discussion. As I commented therein, I really doubt that your typical newspaper reporter gets much cybersecurity, or even cyber-awareness, training in journalism school. There are no whistle-blowers that go to traditional media anymore, a […]
How To Monetize Your Job In Security
I am very happy that the Adobe Flash Player is finally getting killed off. It is the single most bug-ridden program that has ever existed on this planet. Even worse is that many people think that anything-Abobe is Open Source when, in fact, it is anything but. Nowadays, most websites have converted Flash content to […]
Of NSA Vulnerability Disclosures and Cyber-Command
Jared Hall General, Spy vs. Spy No Comments
Wow. That’s a lengthy title that covers just about anything. Really, this is just a sounding-out of what’s been happening in the Spy business lately. Vulnerability Disclosure To start with, there’s a good read on Lawfare, entitled “No, the U.S. Government Should Not Disclose All Vulnerabilities in Its Possession“. It was written by Rick Ledgett, Deputy […]
BOLO: Defray Ransomware
Jared Hall BOLOs, Internet Security No Comments
Proofpoint has identified a new type of ransomware called “Defray“. Two highly-targeted ransomware attacks have been directed at the Healthcare and Education sector, and another at the Manufacturing and Technology sector. As Proofpoint points out, the attack is not of the “spray and pray” variety like most other ransomware attacks. This suggests a very specific threat actor. […]