Lots of Software Updates, a Few Breaches, and One Anonymous Story
Missed this week’s security news? No problem. WatchGuard’s Security Week in Review video will fill you in. This week I talk about all the Microsoft Patch Day updates, a few significant network attacks, and a booby-trapped Anonymous Linux distribution. Watch below to learn more.
By the way, in the video I talk about a serious Windows RDP flaw, and the rumor that someone had released a public exploit targeting this flaw. This morning, right after I produced this week’s video, I learned that the exploit has indeed gone public. So far, the researcher has only released a “proof-of-concept” exploit, which will crash the RDP service. No one has released a “weaponized” exploit yet. However, with this code available it’s only a matter of time. While I’ve said this quite a few times this week, I highly suggest you apply Microsoft’s RDP patch now!
As always, I include an Episode Reference guide below, where you can read more about each of these stories. As an aside, thanks for your comments and suggestions last week — keep them coming. I have noted that many people would like a shorter intro to the video. I wasn’t able to change it this week, but I will soon. (Video Runtime: 7:46)
Episode References:
- Updates and Patches:
- Microsoft Patch Day summary – WatchGuard Security Center
- Windows updates – WatchGuard Security Center
- Visual and Expression Studio – WatchGuard Security Center
- ColdFusion security update – WatchGuard Security Center
- Safari patches 83 vulnerabilities – MSN
- Cyber attacks and breaches:
- BBC cyber attack – BBC
- XSS flaw on PayPal – E Hacking News
- Ancestry.com breach – MSN
- AnonymousOS pulled due to trojans