Skip to main content
Monthly Archives

July 2018

|

Bluetooth Authentication Exploitable

By NewsNo Comments

Avoiding Bluetooth Decay

A CERT advisory has been released regarding the stability of Bluetooth authentication. In short, the advisory outlines that “the authentication provided by the Bluetooth pairing protocols is insufficient.”

This weakness in the Bluetooth key exchange is exploitable and could allow a remote attacker to intercept encryption data.

Potentially, malicious actors could view contacts stored on the device, passwords typed on a keyboard, or other sensitive content stored by the device. They may even be able to manipulate the device to access a connected phone or computer.

There will be software and firmware updates released to address his vulnerability. The CVSS score is rated as a 7.3, so apply these updates as they become available.

Affected Vendors: Android, Apple, Broadcom, Dell, Google, Intel, and QUALCOMM Incorporated.

This highlights, yet again, why companies need a patching strategy utilizing a patch manager. A vulnerability like this can go under the radar.

Syxsense is an IT solution that can show you all the devices connected to your network. Don’t get surprised by what’s lurking in your environment.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|

Ransomware Disrupts Massive Shipping Company

By NewsNo Comments

Cyberattack Causes Shipping Industry Disaster

COSCO, one of the world’s largest shipping companies, has experienced a ransomware attack on their US network. Their Long Beach terminal reported that their website and telephone network went down on July 25.

The company initially downplayed the event, however it quickly became apparent this was much more than a technical difficulty.

There is a legitimate fear this current attack is “a proxy for the entire industry.” Hackers might be testing the waters for lessons learned after the NotPetya attacks in June 2017. The losses and response times will be studied closely by many companies, and future malicious actors.

With the increasing rate of cybercrime, many are starting to accept these attacks as an unavoidable hazard of running a business. But there is a way to combat such threats and mitigate risk. Keeping up to date on patching is the #1 strategy for protecting your company from ransomware.

Syxsense has a comprehensive patch manager. With a quick scan, you can see what devices need updates and the severity of those patches. The deployment task is easily configured and can be set to happen on demand or scheduled around business hours.

There’s a better way to manage your environment. See how with a trial of Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||||||

Severe Oracle Vulnerabilities

By NewsNo Comments

WebLogic Server Needs Immediate Patching

If you are using an Oracle WebLogic Server in your environment, you must patch it now.

This easily exploitable vulnerability allows an unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server.

Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. To compound this further, it is currently being exploited and has been assigned a CVSS score of 9.8 out of 10.

More Oracle Updates

Oracle has released its July 2018 updates to address a total of 334 security vulnerabilities, the largest number of flaws resolved with a Critical Patch Update (CPU) to date. Over 200 of the bugs may be remotely exploitable without authentication.

Robert Brown, Director of Services for Verismic said, “IT Managers are so focused on patching Windows, that they lose focus on the applications within their environment which can be exploited just as easy as the OS.”

Your patching strategy should accommodate all weaknesses. This includes the applications used within your environment.

All Oracle customers are advised to apply the fixes included in Oracle’s Critical Patch Updates without delay, as some of the addressed vulnerabilities are being targeted by malicious actors in live attacks.

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

[vc_separator]

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Bad Dog! Ubuntu Mutt Exploitable Vulnerability

By NewsNo Comments

According to a recently released Ubuntu security notice, there are several vulnerabilities within Mutt Ubuntu. The following CVEs detail how an attacker could execute arbitrary code through Mutt incorrectly handling certain requests. In addition, certain inputs could provide access to, or even expose, sensitive information.

(CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359, CVE-2018-14358, CVE-2018-14353 , and CVE-2018-14357.)

Below are the effected versions:

 

Updates have been released to address these vulnerabilities. Syxsense has them within their patch database. Within the console, select these updates and simply target any device running the affected versions. You’ll also need to restart Mutt once the updates have been deployed.

There’s a better way to manage your devices, whether they run Windows, Mac, or Linux. Start a trail of Syxsense!

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

Microsoft Patch Tuesday: Uninstall

By News, Patch TuesdayNo Comments

It’s Buggy Out There

Microsoft has republished all of the recent July Patch Tuesday updates with one exception: KB 4018385. Microsoft have recalled this update because it crashes Office.

What are you to do if you already deployed this patch? We highly recommend our clients uninstall this update and reboot their systems as quickly as possible.

“Barely a few months have passed since Microsoft recalled their last update,” says Rob Brown of Verismic.  “Uninstalling updates can be performed one of several ways, from manually uninstalling the update or using a systems management toolset. Not all toolsets have uninstall features for Windows update, and rely on bespoke uninstall scripts to be written by your IT managers.

Syxsense provides the simplest way to install or uninstall Windows updates, from a click of a button and easy targeting of all your devices.

What You Should Do

The best approach, for now, is to monitor your systems with a comprehensive IT management solution. Keep an eye on the status of your environment by implementing a solution that can easily show you, through the console or reports, which devices are affected by these updates.

Syxsense has this capability, and more. Keep track of the status of your IT environment through detailed, easy to understand reports. If you decide you want to remove these disastrous patches, with Syxsense, you can roll them back in just a few clicks.

Find a better way to manage devices, start your trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||||||

July Patch Tuesday: Microsoft & Adobe Unleash Hundreds of Patches

By News, Patch TuesdayNo Comments

Adobe Tackles Over 100 Vulnerabilities

A new set of security updates from Adobe has just been released. These new updates effect Acrobat, Reader, Flash Player, Connect, and Experience Manager. Over 100 vulnerabilities are patched thanks to these updates.

The risk involved in not deploying the new updates is that a remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.

Robert Brown, Director of Services said, “Many of these updates are Priority 2, which means they should be highly prioritised for deployment this month.” Ensure these updates are a part of your patching strategy.

Microsoft Half-Year Evaluation

According to an article by The Zero Day Initiative, there seems to a be a rise in the number of bugs reported in Microsoft products. However, they caution that this doesn’t mean that there is an increase in issues with the product. The number of bug reports has increased 121% from the same period last year.

The number of released patches is only up by 8%, so the article argues this is an indicator of program growth. A large number of these bugs were also in the browser space; IE, Edge, and Chakra Core.

Keep an eye on Microsoft’s Patch Tuesday releases as they may attempt to increase their output of updates.

Patch Tuesday Release

Microsoft released 53 security patches this month covering Internet Explorer, Edge, Windows, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office. These are made up of 18 Critical, 33 Important, one is rated as Moderate, and one is rated as Low in severity.

There are none which are Zero Day & none which are either Public or Exploited so far. There are several updates for the various feature updates of Windows 10 to keep your IT Manager busy this month.

Vendor Name Vendor Severity Title
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB4339093)
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 (KB4339093)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for ARM64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for ARM64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4338826)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4338826)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 64-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 32-Bit Edition
Microsoft Important Security Update for Microsoft SharePoint Foundation 2013 (KB4022243)
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340556)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340004)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340004)
Microsoft Important Security Update for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4011202)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340556)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 64-Bit Edition
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340006)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 32-Bit Edition
Microsoft Important Security Update for Word Viewer (KB4032214)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 64-Bit Edition
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4338818)
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4338818)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4338823)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4338823)
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 64-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 32-Bit Edition
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 32-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 32-Bit Edition
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

Will You Avoid This Major Security Threat?

By NewsNo Comments

Two Major Vulnerabilities Could Expose You

Security vulnerability CVE-2018-8225 and CVE-2018-8267 are both publicly disclosed exploits that have garnered high CVSS scores. These weaknesses were reported to Microsoft through Trend Micro’s Zero Day Initiative (ZDI).

CVE-2018-8225 is a vulnerability that impacts the Windows DNS component DNSAPI.dll. An attacker can leverage this flaw to execute arbitrary code by using a malicious DNS server and specially crafted DNS responses.

CVE-2018-8267 allows an attacker to execute arbitrary code if they can convince the targeted user to open a malicious web page or file. It’s important to ensure patches have been deployed to secure these vulnerabilities, as exploitation seems likely.

Syxsense can give you the peace of mind that your devices are up to date. It’s simple to scan your networks and see which devices need updates.

Creating a task is straight forward and you’ll have your devices secured without ever having disrupted the productivity of your company.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo