Cyber Updates – 18/02

Cyber Updates – 18/02

Hey all,
Here are this week’s cyber updates:
(1) Microsoft has not published its famous Patch Tuesday this month due to “a last minute issue that could impact some customers and was not resolved in time”. This is presumably due to their difficulties in fixing the latest SMB v3 vulnerability that was reported in the last “cyber updates” post. This means that all Windows machines are still vulnerable to a server side remote code execution exploit.
Here are their details:
https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/

(2) Yahoo was hacked. No, this is not the same hack as in 2013 that was recently published, but rather a new hacking attempt. 
Instead of stealing the (hashed) passwords, this time the attackers have used forged cookies in order to login to the victims’ accounts without their consent. 

Here are all the details:
https://help.yahoo.com/kb/SLN27925.html?impressions=true

(3) Security researches have been able to prove that websites can track your online activity even if you use a different browser. The websites perform unique tasks in order to pinpoint the following metrics: time zone, number of CPU cores, GPU, hash values of GPU rendering results, plugins, fonts, audio, screen ratio and depth, WebGL, Ad blocking, canvas, cookies, encoding, and language. According to the research, the attackers were able to successfully identify 99.2% of the users.

Here are all the details:
https://thehackernews.com/2017/02/cross-browser-tracking.html

Stay tuned for more updates,


Dan Gurfinkel

Head of Offensive Security & Response Unit

Comsec by HUB Security logo
We are sorry to hear you have a problem, but we are here to help!

Our Hot Line is ready to provide
immediate assistance 24/7

Calling from Israel?

+972 747047472

Calling from anywhere else?

+31202170634

Comsec by HUB Security logo

We are sorry to hear you have a problem, but we are here to help!

Our Hot Line is ready to provide immediate assistance 24/7

Skip to content