Presentations & Press

Microsoft Warns of a 17-Year-Old ‘Wormable’ Bug

Since WannaCry and NotPetya struck the internet just over three years ago, the security industry has scrutinized every new Windows bug that could be used to create a similar world-shaking worm. Now one potentially “wormable” vulnerability-meaning an attack can spread from one machine to another with no human interaction-has appeared in Microsoft’s implementation of the domain name system protocol, one of the fundamental building blocks of the internet.

Critical Windows Worm Gets 10/10 Severity Rating, Microsoft Says Patch Servers Now

Security vulnerabilities that rate a “perfect” 10 under the Common Vulnerability Scoring System (CVSS) are, thankfully, few and far between. That high severity rating not only means that the vulnerability is easy to exploit but also likely to be exploited.

Researchers Find Vulnerabilities in Popular Remote Learning Plug-ins

As more students move to online learning platforms, vulnerability researchers are revealing security flaws in some common software plug-ins. Three popular WordPress plug-ins for online learning have significant software vulnerabilities that could allow attackers to access student information, steal money from course creators, or escalate their privileges to become teachers, according to an advisory published by security firm Check Point Software Technologies.

פרצות אבטחה חמורות במערכות הלמידה מרחוק

מחקר חדש של חברתצ’ק פוינט חושף פרצות אבטחה חמורות בכמה ממערכות הלמידה מרחוק הגדולות בעולם, כולל מערכות בישראל.הפרצה חלה על מערכות מבוססת תוספי WordPress כגון LearnPress, המצוי בשימוש של יותר מ-21 אלף מוסדות חינוך עם יותר מ-80 אלף התקנות באתרי אינטרנט ברחבי העולם.

WinRAR Has Serious Flaw That Can Load Malware to PCs

The popular file archiving tool WinRAR has had a bug for at least 14 years that can be exploited to take over your PC. The bug can pave the way for archive files that can trigger WinRAR to actually install whatever malware is secretly inside, according to the security firm Check Point, which discovered the software flaw.

חולשה חמורה ב-Windows – ואין תיקון

באופן חריג הודיעה מיקרוסופט כי האקרים מנצלים חולשת אבטחה במערכת ההפעלה, מבלי לשחרר עדכון אבטחה. מומחה: “החולשה מסוכנת, רוחבית, ולא הולך להיות לה תיקון בימים הקרובים”. החדשות הטובות – יש מה לעשות

WDS bug lets hackers hijack Windows Servers via malformed TFTP packets | ZDNet

In a report released today, security researchers have finally revealed in-depth details about a bug that Microsoft patched last November, and which they say can allow hackers to hijack Windows Server installations and abuse the Windows Deployment Services (WDS) to take over the server and even deploy backdoored Windows OS versions.

Pwned in Translation – Talks