CVE-2019-0708 – A Critical “Wormable” Remote Code Execution Vulnerability in Windows RDP

Credit to Author: Sushmita Kalashikar| Date: Fri, 17 May 2019 06:06:20 +0000

This is an important security advisory related to a recently patched Critical remote code execution vulnerability in Microsoft Windows Remote Desktop Service (RDP). The vulnerability is identified as “CVE-2019-0708 – Remote Desktop Services Remote Code Execution Vulnerability”. MSRC blog mentions This vulnerability is pre-authentication and requires no user interaction. In other…

Read more

Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags:

(Read more…)

The post Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability appeared first on Malwarebytes Labs.

Read more

Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses

Credit to Author: Pieter Arntz| Date: Wed, 15 May 2019 16:02:13 +0000

CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?

Categories:

Tags:

(Read more…)

The post Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses appeared first on Malwarebytes Labs.

Read more

May, 2019 Patch Tuesday addresses critical remote desktop, DHCP bugs

Credit to Author: Andrew Brandt| Date: Tue, 14 May 2019 17:34:07 +0000

The vulnerabilities were so potentially harmful, Microsoft released updates for no-longer-supported Windows XP and Server 2003<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wDsmYlJCQ2o” height=”1″ width=”1″ alt=””/>

Read more

A taste of the onslaught at the network’s edge

Credit to Author: Andrew Brandt| Date: Tue, 30 Apr 2019 14:01:11 +0000

Edge devices take a licking so the rest of the network can keep on ticking, but they do need a little extra TLC<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/yLDeI_Y5qG8″ height=”1″ width=”1″ alt=””/>

Read more

A week in security (October 1 – 7)

Credit to Author: Malwarebytes Labs| Date: Mon, 08 Oct 2018 16:31:56 +0000

A roundup of the security news from October 1–7 including National Cybersecurity Awareness Month, LoJack, fileless malware, and BYOS.

Categories:

Tags:

(Read more…)

The post A week in security (October 1 – 7) appeared first on Malwarebytes Labs.

Read more

A week in security (August 6 – August 12)

Credit to Author: Malwarebytes Labs| Date: Mon, 13 Aug 2018 16:37:10 +0000

A round-up of the security news from August 6 – August 12, including ransomware, interesting talks during BlackHat, botnets, and the evils of JavaScript.

Categories:

Tags:

(Read more…)

The post A week in security (August 6 – August 12) appeared first on Malwarebytes Labs.

Read more

A week in security (August 6 – 12)

Credit to Author: Malwarebytes Labs| Date: Mon, 13 Aug 2018 16:37:10 +0000

A round-up of the security news from August 6 – 12, including ransomware, interesting talks during BlackHat, botnets, and the evils of JavaScript.

Categories:

Tags:

(Read more…)

The post A week in security (August 6 – 12) appeared first on Malwarebytes Labs.

Read more