the biggest one in my book is Windows 2003 no more patches after the summer. http://www.microsoft.com/en-us/server-cloud/products/windows-server-2003/ From the Microsoft website: Windows Server 2003 support will end: 173 Days: 12 Hours :56 Minutes : 29 Seconds 173 days come faster than you think, so please do the right thing – Philotimo update your servers. Our Youtube video (regarding ΦΙΛΟΤΙΜΟ- Philotimo in case you are … Read more
It is good to review this Annual report: http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf (may have to fill out some information to get it) key discoveries: 1) 1% of all high urgency CVE (Common vulnerabilities and Exposure) were actively exploited. This means organizations must prioritize and patch high urgency vulnerabilities. 2) Since Blackhole exploit kit in 2013, it … Read more
Twitter is aflame with the various tweets of the attackers and viewers of what is going on: After my quick review of the top ten in our Security Analyzed page this morning, I saw NakedSecurityBlog https://nakedsecurity.sophos.com/2015/01/17/cyberjihadists-attack-thousands-of-french-websites-after-charlie-hebdo-massacre/ With a review of http://www.thelocal.fr/20150116/hackers-take-down-20000-french-websites website with the headline: “Islamist hackers attack 20,000 French websites” It … Read more
The reason is that it was a _Destructive_ attack. Credit card numbers were not stolen. Data was deleted and stolen. Highly unusual attack. Dark Reading has a story on the “destructive” attack. http://www.darkreading.com/how-not-to-be-the-next-sony-defending-against-destructive-attacks-/d/d-id/1318516 ” “If your only goal is to do damage,” says Jonathan Sander, strategy and research officer for Stealthbits Technologies, “you don’t need a lot … Read more
Microsoft has a Telnet vulnerability which has a critical remote code execution. (MS15-002) https://technet.microsoft.com/library/security/ms15-jan This is true: “Only customers who enable telnet on Windows 2003 are affected (it is installed but not enabled). and Telnet is not installed on Vista or later operating systems” But if you did enable (or install and enable) it has … Read more
