2 major stories of note today, first a Vietnamese
http://krebsonsecurity.com/2015/07/id-theft-service-proprietor-gets-13-years/ Obviously from the KrebsonSecurity website
Screenshot as of the morning of July 15.
Mr. Ngo had a ‘business’ that sold identity information to other entities for millions of dollars; the full number of stolen identities is unknown. At least 13673 US citizens had their identities stolen and their tax returns fraudulently filed, from which other criminals made $65 million.
This is for anyone wondering whether there are specific cases or just headlines in the media.
The second major item is Patch Tuesday (yesterday, July 14th), which has a critical patch that needs to be applied as soon as it is tested in your environment:
Today’s Internet Storm Center has the full breakdown of 14 Microsoft Bulletins: https://isc.sans.edu/
The most important patch in this set fixes the flaw that can allow your machines on the Internet to be hacked: MS15-067, Vulnerability in RDP (Remote Desktop Protocol).
This security update resolves a vulnerability in Windows that could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system that has the Remote Desktop Protocol (RDP) server service enabled.
From the Microsoft Technet website https://technet.microsoft.com/library/security/MS15-067
So let’s dissect this for a second… “A specially crafted sequence of packets to a targeted system” can create high risks for any system with RDP turned on, whether known or unknown. For example, if for some reason a tech enabled RDP, which is a handy mechanism to manage the machine from home or a remote location, it creates higher risk, since the hacker can attack the machine with a simple type of scan or other crafted attack.
These things do happen, and in fact anybody with Kali Linux and Metasploit can easily attack RDP systems and “own them”.
Here is my Kali Linux system’s screenshot of the Metasploit splash screen. I am looking forward to upgrading to Kali Linux 2.0, which is now scheduled for August 11 by Offensive Security.
As usual we recommend a proper testing and patching program to prevent hackers attacking your systems and owning them.
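One way to find the "unknown" RDP systems mentioned above is to check your own host inventory for machines that answer the standard RDP handshake and compare them with the hosts where RDP is approved. This is an added example, not part of the original post; the addresses, the approved list and the function names are assumptions.

```python
import socket

# First packet of a standard RDP client: TPKT header, X.224 Connection
# Request, RDP negotiation request (TLS or CredSSP). No exploit content.
X224_CONN_REQ = bytes.fromhex("03000013" "0ee00000000000" "0100080003000000")

def probe_rdp(host, port=3389, timeout=2.0):
    """Classify one host as 'rdp', 'open-not-rdp' or 'closed'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:          # refused, unreachable or timed out
        return "closed"
    with sock:
        try:
            sock.sendall(X224_CONN_REQ)
            reply = sock.recv(64)
        except OSError:      # port open but nothing RDP-like answered
            reply = b""
    # An RDP server answers with TPKT version 3 and X.224 Connection Confirm (0xD0).
    if len(reply) >= 6 and reply[0] == 0x03 and reply[5] == 0xD0:
        return "rdp"
    return "open-not-rdp"

def audit(inventory, approved, port=3389):
    """Return (host, finding) for every host in inventory that speaks RDP."""
    findings = []
    for host in inventory:
        if probe_rdp(host, port) != "rdp":
            continue
        if host in approved:
            findings.append((host, "approved RDP: confirm MS15-067 is installed"))
        else:
            findings.append((host, "unexpected RDP: disable or document, then patch"))
    return findings

if __name__ == "__main__":
    # Constructed sample data (documentation addresses); replace with your own.
    inventory = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]
    approved = {"192.0.2.10"}
    for host, finding in audit(inventory, approved):
        print(f"{host}: {finding}")
```

Run it from both inside the network and from an outside vantage point you control, since a host that only answers internally carries a different exposure than one reachable from the Internet.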
Contact Us for help with your security program.