Home Tags Unpatched

Tag: unpatched

Cloudflare Debuts Orbit Security Service to Protect IoT Devices

New service from Cloudflare provides a buffer network for IoT devices that can help protect against unpatched vulnerabilities and cyber-attacks.

Australia’ Smart meter leaders lag in securing devices

Centre for Internet Safety calls for consumer safeguards Default passwords, unpatched firmware, unencrypted traffic: according to a report from a Canberra University research organisation, Australia's smart electricity meter rollouts are characterised by n00b-level security gaffes.…

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack...

Vulnerable unpatched systems expose exploitable SMB networking to world+dog The NSA's Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we're told.…

Linksys Smart Wi-Fi routers a hotbed of unpatched security flaws

Over 20 models are impacted, exposing thousands of household devices online to exploit.

Oh my Microsoft Word: Dridex hackers exploit unpatched flaw

Banking trojan-proofing will take place later today Cybercrooks are actively exploiting an unpatched Microsoft Word vulnerability to distribute the Dridex banking trojan, claim researchers.…

‘Amnesia’ IoT botnet feasts on year-old unpatched vulnerability

New variant of 'Tsunami' is a disaster waiting to happen Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability.…

Millions of websites affected by unpatched flaw in Microsoft IIS 6...

A proof-of-concept exploit has been published for an unpatched vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported but still widely used.The exploit allows attackers to execute malicious code on Windows servers running IIS 6.0 with the privileges of the user running the application.

Extended support for this version of IIS ended in July 2015 along with support for its parent product, Windows Server 2003.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ]Even so, independent web server surveys suggest that IIS 6.0 still powers millions of public websites. In addition, many companies might still run web applications on Windows Server 2003 and IIS 6.0 inside their corporate networks, so this vulnerability could help attackers perform lateral movement if they access such networks through other means.To read this article in full or to leave a comment, please click here

Half of Android Devices Unpatched Last Year

Google said half of Android devices are unpatched and that percentage of potentially harmful apps on phones installed from all sources rose in 2016.

Google Nest: Unpatched bug lets intruders use Bluetooth to stop cameras...

What good is a surveillance camera that sees but doesn't record?

Vastly improve your IT security in 2 easy steps

It’s a rough number, but I’d wager that 99 percent of computer security risk in most organizations can be attributed to two root causes: social engineering and unpatched software. I’m not talking about pure numbers of success exploits, but overall impact. Many CISOs and threat intelligence analysts have told me that 100 percent of the biggest events at their company involved social engineering.

Certainly, bad breaks enter your environment through other means, which is why we still need to secure our servers, encrypt our disks, and prevent physical intrusions.

But in terms of the biggest impact, most organizations can tie those events to two root causes.To read this article in full or to leave a comment, please click here

Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

Cisco said an unpatched critical vulnerability exposed by WikiLeaks' Vault 7 release of CIA documents could give an attacker full control of the targeted switches and routers.

Nintendo Switch ships with unpatched 6-month-old WebKit vulnerabilities

Apple patched so-called "Trident" bugs were in iOS 9.3.5 back in August.