Microsoft Patch Tuesday March 2018 updates
This Patch Tuesday comes with 74 security updates, including fixes for two known vulnerabilities (CVE-2018-0808 and CVE-2018-0940); luckily this release arrives in a more timely fashion, as there have been no known exploitations of these vulnerabilities like we’ve seen in the past.
Read more: https://blogs.manageengine.com/desktop-mobile/desktopcentral/2018/03/14/microsoft-patch-tuesday-march-2018-updates.html
0 Comments
Recommended Posts
New Offensive USB Cable Allows Remote Attacks over WiFi
Be careful where you buy your USB cables folks
https://www.bleepingcomputer.com/news/security/new-offensive-usb-cable-allows-remote-attacks-over-wifi/
Be careful where you buy your USB cables folks
https://www.bleepingcomputer.com/news/security/new-offensive-usb-cable-allows-remote-attacks-over-wifi/
Active today
Hopefully not to late to learn... ;-)
Many people considder USB to be some Serial cable like they used to have for Modems, Printers etc.
USB really is a multi-drop networking standard. And it provides for all kind of adapters like Storage Nodes, Network "routers" (=Usb Ethernet ...), Network camera's (photo equipment), ...
So USB sticks are more like a NAS on a private network then a Disk onto a Pata/Sata cable. The difference is they have no configuration items on most USB equipment.
(Rather like the original SCSI standard, only serial).
The Poison Tap (short version) provides a network adapter, with DHCP and it will provision a network with netmask 0 (so ALL packets sent by your system [ except for the local network you PC is connected to ] go to the PoisonTap..). Which also runs a transparant proxy to hijack connections. and will inject code back into the browser to redirect ALL access through another public site. After the PoisonTap is removed the attack still persists. Allowing an attacker to keep on tapping authentication data.
Many people considder USB to be some Serial cable like they used to have for Modems, Printers etc.
USB really is a multi-drop networking standard. And it provides for all kind of adapters like Storage Nodes, Network "routers" (=Usb Ethernet ...), Network camera's (photo equipment), ...
So USB sticks are more like a NAS on a private network then a Disk onto a Pata/Sata cable. The difference is they have no configuration items on most USB equipment.
(Rather like the original SCSI standard, only serial).
The Poison Tap (short version) provides a network adapter, with DHCP and it will provision a network with netmask 0 (so ALL packets sent by your system [ except for the local network you PC is connected to ] go to the PoisonTap..). Which also runs a transparant proxy to hijack connections. and will inject code back into the browser to redirect ALL access through another public site. After the PoisonTap is removed the attack still persists. Allowing an attacker to keep on tapping authentication data.
Stop using Internet Explorer, warns Microsoft's own security chief
https://www.telegraph.co.uk/technology/2019/02/08/stop-using-internet-explorer-warns-microsofts-security-chief/
Heads up for those of you that might be doing so.
https://www.telegraph.co.uk/technology/2019/02/08/stop-using-internet-explorer-warns-microsofts-security-chief/
Heads up for those of you that might be doing so.
Active today
Fuller quote from the bottom of the article (and I have read others like it)
""We want you to use IE for the sites that need it - what I'm trying to say here is that I hope you don't use it for everything else,” Mr Jackson said in a comment on the blog post.
Microsoft will end support for Internet Explorer 10 in January 2020, while Internet Explorer 11 will remain as the final iteration of the software."
Some servers do not have (and have not been able to update to) IE 11. This was not in the article but I have read it along with the statement that Server updates would be revised to use IE 11. I am not sure about Server 2008 but certainly Server 2012.
""We want you to use IE for the sites that need it - what I'm trying to say here is that I hope you don't use it for everything else,” Mr Jackson said in a comment on the blog post.
Microsoft will end support for Internet Explorer 10 in January 2020, while Internet Explorer 11 will remain as the final iteration of the software."
Some servers do not have (and have not been able to update to) IE 11. This was not in the article but I have read it along with the statement that Server updates would be revised to use IE 11. I am not sure about Server 2008 but certainly Server 2012.