Dear clients,
We trust you had a relaxing Easter long weekend. We wanted to let you know that over the break the NSA exploit toolkit for Microsoft was published online which included zero day remote code execution exploits for all modern Microsoft operating systems and popular products. You can read more about the response and Microsoft Security Updates here: https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/ Please note that some remote exploits are not patched by Microsoft, as they affect discontinued products and will remain vulnerable. An excerpt of the dump includes the following attacks:
Alternatively if you'd like to consider our Monthly Managed Penetration Testing Service, we can check vulnerable systems for you. Many of you would have seen our anti-malware solution test website known as WICAR (think EICAR AV Test File, but for web based attacks). This is just a quick email to let you know we now have SSL enabled for our test malware attacks, so not only can you test your firewall, IDS/IPS, proxies, content filtering and desktop antivirus, but you can also check if you are protected against payloads delivered over HTTP/S or verify your SSL-inspection products are working.
Simply open the Test Malware page and click the [SSL] hyperlink to conduct the test over SSL to ensure your organisation is adequately protected (most attacks today are delivered over SSL to get around proxy inspection). |
Archives
September 2017
Categories
All
|
|
|