
Network Monitoring News – Aug 2016

Windows 20 Year Patch

Microsoft has finally patched MS16-087. Simply put, Windows does not check or validate the driver it installs when it connects to a new printer. Since printer drivers are installed with full system rights, you can see why this could be a problem. If an attacker takes control of or emulates a network/internet printer, they can push just about any malicious code they like to the end user's machine and gain full administrator access.

This vulnerability has been around for the better part of 20 years and affects all versions of Windows going back to Windows 95! All Windows systems need to be patched. While your IT staff is patching, have them also update Flash Player. Adobe has released 52 fixes for this piece of software.

Game Of Thrones

A new phishing attack is circulating in the form of a fake violation notice from your ISP. The email looks like a message from IP-Echelon, the company that enforces copyright claims for companies like HBO.

The message states that IP-Echelon has determined that the person receiving this email has illegally downloaded “Game of Thrones” or other copyright-protected material and that unless they pay a fine within 72 hours, the incident will be turned over to their legal department.

The victim is directed to a website where they can pay. People who fall for this scam end up giving their hard-earned money to a criminal.

Ransomware

After a low in the spam distribution of ransomware during June, spam campaigns distributing ransomware have returned more aggressive than ever, at 200 times the normal volume in the last month. The recent spam campaigns are sending out zip file attachments with a JavaScript file inside that will download and execute the ransomware on the victim's machine if the user opens it. The attachments are named in a way that tries to lure your users into opening them.

Once again, we see a need for user education. If users know what to look out for, they are more likely to question the validity of messages such as these.

Many users inherit permission sets that are far too broad for their normal job functions. By limiting user access across network resources, the damage incurred by the compromise of a single user can be more easily contained.

Ron Samson
