Wild Exploit, AutoCAD Malware, and a Hacking Demo
Did you apply Microsoft’s patches and Fixit last week? If not, this week’s news (and attack demo) ought to convince you to jump on those important updates right away.
Today’s episode warns of attackers actively targeting two of Microsoft’s vulnerabilities from last week, a new malware sample that specifically steals AutoCAD diagrams and blueprints, and a trio of Cisco security advisories fixing vulnerabilities in their security and VPN products. For the curious and technically inclined, I’ve even included an attack demo showing how easy it is for script kiddies to exploit the Microsoft XML Core Services vulnerability using Metasploit. If you want to see a drive-by download in action, and get a few Metasploit tips along the way, check out this week’s episode below.
If video’s not your thing, you can also find links to all this week’s stories in the Reference section. Don’t forget to leave feedback, suggestions, or questions in the comment section if you have anything to share. See you next week and have a great weekend.
(Episode Runtime: 13:00)
Direct YouTube Link: http://www.youtube.com/watch?v=rWGE7i-AIU4
- Attackers exploit XML Core Services and IE SameID flaws – PCWorld
- Malware targets AutoCAD – The Register
- Cisco Security Advisories
- Tool Tip: Microsoft EMET
— Corey Nachreiner, CISSP (@SecAdept)
Rob Collins says
Does the WatchGuard IPS protect against the XML vulnerability?
Corey Nachreiner says
Yes. We have signatures for both the XML Core Services vulns, and for the IE Same_ID vuln. We got the signatures shortly after Patch Day. If you have updated to signature set 4.208, you can go to FSM, and show signatures, then search for MSXML or for “Same ID”, and you will find the signatures in question.
μετακομισεις εντος Αττικης says
When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get several emails with
the same comment. Is there any way you can remove people from that service?
Thanks a lot!