Cyber Security News (13th April 2018)

  1. Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

Microsoft recently released security patches for windows operating systems. A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month almost 18 months after receiving the responsible disclosure report. According to the researcher the Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users’ Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction. A remote attacker can exploit this vulnerability by sending an RTF email to a target victim, containing a remotely-hosted image file (OLE object), and loading from the attacker-controlled SMB server. The security patch only prevents Outlook from automatically initiating SMB connections when it previews RTF emails, but the researcher noted that the fix does not prevent all SMB attacks.

Cyber Security Tips:  To prevent from this attack apply security patches as soon as possible, Block specific ports (445/tcp, 137/tcp, 139/tcp, along with 137/udp and 139/udp) used for incoming and outgoing SMB sessions, block NT LAN Manager (NTLM) Single Sign-on (SSO) authentication and use complex password.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: