Security Alerts & News
by Tymoteusz A. Góral

#2179 Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server
A proof-of-concept exploit has been published for an unpatched vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported but still widely used.

The exploit allows attackers to execute malicious code on Windows servers running IIS 6.0 with the privileges of the user running the application. Extended support for this version of IIS ended in July 2015 along with support for its parent product, Windows Server 2003.

Even so, independent web server surveys suggest that IIS 6.0 still powers millions of public websites. In addition, many companies might still run web applications on Windows Server 2003 and IIS 6.0 inside their corporate networks, so this vulnerability could help attackers perform lateral movement if they access such networks through other means.
Read more
#2179 Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server
#2178 This book reads you - using JavaScript
#2177 Flatbed scanners used as relay point for controlling malware in air-gapped systems
#2176 Let’s Encrypt issues certs to ‘PayPal’ phishing sites: how to protect yourself
#2175 VMware patches critical virtual machine escape flaws
#2174 Skype users hit by ransomware through in-app malicious ads
#2173 One of the most prolific botnets is back - and now it's being used for stockmarket scams
#2172 Unskilled group behind many junk ransomware strains
#2171 New IIS 6.0 0day exploited in live attacks since July 2016
#2170 Russian hacker pleads guilty in global botnet case
#2169 About 90% of Smart TVs vulnerable to remote hacking via rogue TV signals
#2168 Someone is putting lots of work into hacking Github developers
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12