exploit

Tue
04
Jun
John Lister's picture

How to Fix: Patch BlueKeep Worm (XP, Vista, 7, Server 2008)

If you're still on Windows 7 or earlier, you need to make sure you have a recent security patch installed as soon as possible. It fixes a very serious operating system exploit, dubbed "BlueKeep". Note that a firewall and antivirus will not block ... operating system exploits , which is why using an unsupported operating system is incredibly dangerous . The bug is in the way that Remote Desktop Protocol (RDP) works. Remote Desktop Protocol lets somebody on one computer see and control another computer in another location. It has some extremely useful applications such as working away ... (view more)

Wed
27
Mar
John Lister's picture

Apple Devices Need 51 Important Security Updates

Apple has released a patch for mobile devices which covers 51 security flaws. It's sparked debate over Apple's security levels and the way it issues such updates. The patch is for iOS, taking it up to version 12.2. Apple doesn't issue standalone ... security updates. Instead, it builds it into the main update for the system, which also includes new features or bug fixes. (Source: apple.com ) The most notable fix is a bug in an API (application program interface), which lets third party software interact with Apple services. In this case, the API bug could allow malware to access an iPhone, iPad ... (view more)

Wed
20
Mar
John Lister's picture

Report: Microsoft Bugs 'Most Exploited' by Hackers

According to a recent report, Microsoft products made up eight of the ten most exploited software bugs last year according to a security company. That's higher than in recent years, largely because Adobe Flash is becoming a less rewarding target for ... hackers as it loses popularity. As recently as 2015, most of the top ten involved bugs with Flash. Microsoft took the unwanted lead in 2017 with seven entries on the list. (Source: bleepingcomputer.com ) Internet Explorer Tops The List The top spot for 2018 went to a bug in the Windows VBScript engine . That's a tool that handles code designed for ... (view more)

Tue
19
Feb
John Lister's picture

Windows 7 Users: Get this Critical Update (due March)

Microsoft has warned an update coming next month is absolutely critical for users running Windows 7. Without it, computers won't be able to use any future Windows security and feature updates, leaving users extremely vulnerable to malware infections ... (or worse). It's all to do with a change in the way Microsoft delivers security updates in a secure manner. Whenever Microsoft releases an update, it comes with a digital signature to prove that it came from Microsoft's servers and that the code it contains has not been tampered with. You can think of these security measures much the same way when ... (view more)

Fri
05
Jan
Dennis Faas's picture

Spectre and Meltdown Exploits - What You Need to Know

Infopackets Reader Steve P. writes: " Dear Dennis, There has been a whirlwind of news on the Internet regarding the 'Spectre' and 'Meltdown' exploits that affect all microprocessors (CPUs) from 1995 and on. I am afraid my computer is at risk but I ... don't understand all the tecno-talk. Should I be worried? " My response: The short answer is: yes and no, mostly no (once patches are released). At the end of this article I'll offer advice on what you can do to stay protected. What does the Spectre and Meltdown Exploit Mean? I have been following the news for the last few days and here is what I ... (view more)

Fri
24
Nov
John Lister's picture

Windows Bugs Could Be Much More Serious

A key security feature in Windows doesn't work as planned. It's not a vulnerability in itself, but means that hackers who find bugs in software are much more likely to be able to do damage. The problem is with Address Space Layout Randomization ... (ASLR). It deals with the way a computer organizes different programs in memory. As an analogy, it's like organizing vehicles of different sizes and makes in a parking lot. Most operating systems support ASLR, which means that when a program starts up and needs to use the computer's memory, it's assigned a random location. In the analogy, think of cars ... (view more)

Fri
17
Nov
Dennis Faas's picture

How to Fix: WPA2 Vulnerability using DD-WRT Firmware

Infopackets Reader Paul E. writes: " Dear Dennis, I read with interest John Lister's article on the WPA2 exploit (KRACKs) , which explains how hackers can break into any WiFi network. I have 4 TPLink routers in my home that I use as 'hot spots' in ... various locations. As per your suggestion, I have visited TPLink's website for firmware updates for my routers, but there are none available. I am worried that someone is going to break into my network and steal my financial information. What can I do? " My response: I own a few TP Link routers as well and what I've done is flashed the routers using ... (view more)

Tue
05
Sep
John Lister's picture

Pacemakers 'Recalled' Amid Hacking Concerns

Around 465,000 pacemakers have been 'recalled' over hacking fears. However, the St Jude Medical brand devices will be patched with a software update rather than removed and replaced. The pacemakers are radio controlled to allow doctors to alter the ... specific rhythm they aim for when regulating a heart beat. This radio control means doctors can adjust to the patients changing needs without the need to remove the pacemaker for alterations. That's important as the surgery for such a removal is inherently risky. No Signs Of Hack Attacks While the precise details haven't been revealed for obvious ... (view more)

Wed
14
Jun
John Lister's picture

Patch Your PC: Yet Another Massive Exploit Discovered

Microsoft has issued three updates to fix flaws in older, unsupported versions of Windows. It's an unusual move that follows the discovery that both the National Security Agency (NSA) and outside hackers are exploiting the flaws , similar to the one ... that allowed the WannaCry Ransomware worm to spread just a few weeks ago. The updates cover both Windows and Windows Server editions going right back to XP . They'll be issued through the usual automated updates, which means people on Windows 8.1 and later shouldn't need to do anything. Those on earlier systems may need to manually ... (view more)

Wed
30
Mar
John Lister's picture

Ransomware Takes Nasty New Twist

The FBI has asked businesses for urgent help dealing with a new form of ransomware. The attack is designed to compromise an entire network, rather than just a single computer. Ransomware is a form of malware that damages a computer in a way that's ... usually reversible - but only by the malware creators. Commonly it involves encrypting files or even an entire hard drive so that they can't be accessed without a key, which is only provided when the victim hands over a fee. Last month the FBI put out a warning of a form of ransomware dubbed MSIL/Samas.A. It targets a security vulnerability ... (view more)

Pages

Subscribe to RSS - exploit