09Aug 2017 by nathan

August 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - In addition to the normal Microsoft, Adobe and Oracle / Java updates, Google released an update to patch 10 critical bugs in the Android operating system and Mozilla released an update to patch 29 vulnerabilities in Firefox including making Adobe Flash objects Click-To-Enable.  The excitement from WannaCry and Petya / Not-Petya seems to be calming down but it looks like the Mamba ransomware (gained fame in the end of 2016 by taking the San Francisco transit system offline) seems to be making a comeback.  It only seems to be impacting Saudi Arabia and Brazil at the moment but it would be wise for blue teams to take note and make sure that you're ready (Are you all patched up?  Network segmented to minimize the damage of…
Read More
19Jul 2017 by nathan

July 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - 2017 has been an explosive year for ransomware and a wake-up call for administrators of the importance of installing updates in a timely fashion.  The WannaCry virus in May wreaked havoc when it took advantage of an already patched bug in Microsoft Windows.  The Petya and Not Petya viruses struck in June, leveraging the same already patched vulnerability. Microsoft - Microsoft patched a total of 54 vulnerabilities this month in Windows, Edge, Internet Explorer Office and Exchange, 19 of which were rated critical, 32 rated important and three rated as moderate.  Several of the critical vulnerabilities are remotely exploitable and could give an attacker full control with little or no action on the part of the user. Microsoft releases regular updates the second Tuesday of each…
Read More