Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.
|
|
| Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump Cisco is warning of a critical vulnerability in more than 300 models of its switches and routers. The vulnerability was discovered when Cisco went through the release of the Vault 7 documents from WikiLeaks. There is currently no patch or workaround according to Cisco. Local Windows Admins Can Hijack Sessions Without Credentials Assuming you can get local admin privileges on a PC you may be able to hijack other users sessions without credentials. The attack is done using native command line Windows tools. Currently Microsoft is not looking at this as a security vulnerability, if you have admin right you can do most anything. The key for enterprise is controlling who gets admin rights on your networks. |
|
|
Pwn2Own hacking contest ends with two virtual machine escapes Two teams from China chained vulnerabilities together to break out of virtual machines to take top prizes at Pwn2Own. They had to escape from the guest OS running inside the VMware Workstation to the host OS. |
|
| Hackers Take Down Reader, Safari, Edge, Ubuntu Linux at Pwn2Own 2017 This article gives a rundown of day one of Pwn2Qwn 2017. Participants in Pwn2Own work on their attacks prior to the competition and have to complete the attacks in a timed completion. The exploits are turned over to the affected software vendors. |
|
| Phishing Scams Even Fool Tech Nerds—Here’s How to Avoid Them Phishing emails are the delivery method of choice for a lot of malware. The more technically savvy of us may think we won’t get fooled by these phishing emails. Don’t get to confident, some of these phishing attacks are very good. This article has some good advice for all of us. |