• The latest vulnerabilities in the network stack


    • This topic has 4 replies, 4 voices, and was last updated 4 years ago.
    #2345231

    PATCH WATCH
    The latest vulnerabilities in the network stack
    By Susan Bradley
    Focusing on business risk
    For this week’s security focus, I’m going to ho
    [See the full post at: The latest vulnerabilities in the network stack]

    Susan Bradley Patch Lady/Prudent patcher

    4 users thanked author for this post.
    • #2345825

      Thank you Susan.

      This is exactly what I am looking for in your security articles. Put the risk in perspective and determine to which risk category it belongs.

      I too share the same philosophy vs denial of services.

      Depending on the context, what is most important to me is the real world risk of remote unauthenticated privilege escalation.

      I can sleep well with a denial of service risk for many scenarios.

      The PsExec issue is concerning. Thank you for bringing that to our attention.

      • #2345900

        Keep in mind that while priv escalation is a given once they are inside, we have moved away from the OH MY WORD WE NEED TO PATCH NOW era of Code Red/Nimda. They have to wiggle in first – get in via phishing. We’re still quite “squishy” inside; we’re getting better at protecting the outside.

        Susan Bradley Patch Lady/Prudent patcher

        1 user thanked author for this post.
    • #2345848

      The PsExec issue is concerning

      EpMe NSA hacking tool could hack into any Windows PC.

      On Monday, the security firm Check Point revealed that it had discovered evidence that a Chinese group known as APT31, also known as Zirconium or Judgment Panda, had somehow gained access to and used a Windows-hacking tool known as EpMe created by the Equation Group, a security industry name for the highly sophisticated hackers widely understood to be a part of the NSA. According to Check Point, the Chinese group in 2014 built their own hacking tool from EpMe code that dated back to 2013. The Chinese hackers then used that tool, which Check Point has named “Jian” or “double-edged sword,” from 2015 until March 2017, when Microsoft patched the vulnerability it attacked. That would mean APT31 had access to the tool, a “privilege escalation” exploit that would allow a hacker who already had a foothold in a victim network to gain deeper access, long before the late 2016 and early 2017 Shadow Brokers leaks…

      • #2345943

        2017? Seriously old news, as is the patch.

        cheers, Paul
