Wild Exploit, AutoCAD Malware, and a Hacking Demo
Did you apply Microsoft’s patches and Fixit last week? If not, this week’s news (and attack demo) ought to convince you to jump on those important updates right away.
Today’s episode warns of attackers actively targeting two of Microsoft’s vulnerabilities from last week, a new malware sample that specifically steals AutoCAD diagrams and blueprints, and a trio of Cisco security advisories fixing vulnerabilities in their security and VPN products. For the curious and technically inclined, I’ve even included an attack demo showing how easy it is for script kiddies to exploit the Microsoft XML Core Services vulnerability using Metasploit. If you want to see a drive-by download in action, and get a few Metasploit tips along the way, check out this week’s episode below.
If video’s not your thing, you can also find links to all this week’s stories in the Reference section. Don’t forget to leave feedback, suggestions, or questions in the comment section if you have anything to share. See you next week and have a great weekend.
(Episode Runtime: 13:00)
Direct YouTube Link: http://www.youtube.com/watch?v=rWGE7i-AIU4
Episode References:
- Attackers exploit XML Core Services and IE SameID flaws – PCWorld
- Malware targets AutoCAD – The Register
- Cisco Security Advisories
- Tool Tip: Microsoft EMET