
Bloomberg Businessweek article, 7/17/2014

a. Discusses how Russian hackers infiltrated the NASDAQ network,

b. placed malware on one of the NASDAQ web servers,

c. thus creating a classic "watering hole" attack, where customers of NASDAQ were attacked by malware as they navigated NASDAQ websites.

d. The malware used 0-day vulnerabilities to hack the servers and network. In fact, the article mentioned two 0-day vulnerabilities being used.

A 0-day vulnerability is called that because it has not been patched yet, i.e. a vulnerability was found and the manufacturer has not had time to patch it. So even if the IT department did its job and installed the new Microsoft patches on Patch Tuesday (2nd Tuesday of the month), there is now a vulnerability that has no patch, and the hackers can attack and own (hacker parlance for control) your computers at will.

Remember the Heartbleed vulnerability?

This story makes one wonder if there is a third party doing any penetration testing for private company computers and networks.

Patch Tuesday is the day Microsoft has designated for releasing its vulnerability fixes.

It has to be done at some point, so it is done on a Tuesday (right after Monday), still at the beginning of the week, so that IT departments can schedule reboots and patching as soon as they are able.

The second Tuesday of the month is Patch Tuesday.

BetaNews discusses 6 bulletins, of which 2 are critical.

Some affect different systems.

TechNet advance discussion

Microsoft Security Bulletin

This one could be the bad one:

MS14-038

Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) 

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Please plan and patch accordingly.

 
