Safety and Security

Microsoft Patches Vulnerabilities After Hackers Warn Of “Microsoft Apocalypse”

Microsoft Adjusts Windows 10 Install Target

A group known as the Shadow Brokers published on Good Friday a set of confidential hacking tools used by the NSA to exploit software vulnerabilities in Microsoft Windows software.

According to Fortune, Microsoft announced on the same day that it had patched the vulnerabilities related to the NSA leak. It was especially important that the company moved quickly since juvenile hackers — also known as script kiddies — were expected to be active over the holiday weekend while defenders were away.

The threat was the latest and, according to security experts, the most damaging set of stolen documents published by the Shadow Brokers, which is believed to be tied to the Russian government.

Experts say the leak, which was mostly lines of computer code, was made up of a variety of "zero-day exploits" that can infiltrate Windows machines and then be used for espionage, vandalism or document theft. The group also published another set of documents that show that the NSA penetrated the SWIFT banking network in the Middle East.

"There appears to be at least several dozen exploits, including zero-day vulnerabilities, in this release. Some of the exploits even offer a potential 'God mode' on select Windows systems. A few of the products targeted include Lotus Notes, Lotus Domino, IIS, SMB, Windows XP, Windows 8, Windows Server 2003 and Windows Server 2012," said Cris Thomas, a strategist at Tenable Network Security.

The Shadow Brokers have been threatening the U.S. government for some time but until last Friday had not released anything critical. There is speculation that this document dump could be retaliation by Russia (if the hackers are indeed tied to the country) in response to recent U.S. military actions.

——————————

LIVE PYMNTS TV OCTOBER SERIES: POWERING THE DIGITAL SHIFT – B2B PAYMENTS 2021 

Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

Click to comment

TRENDING RIGHT NOW