Subscribe: Apple Podcasts | Google Podcasts | Spotify | Stitcher | Email | TuneIn | RSS
Sophos tells users to roll back Microsoft’s Patch Tuesday run if they want PC to boot
Slack Bug Allows Remote File Hijacking, Malware Injection
TeamViewer Confirms It Was Hacked in 2016
Transcript:
Hello, Friends, it is Monday, May 20th. Twenty nineteen in here’s today’s security news first off from the registered echo that UK Sophos tells users to roll back Microsoft patch Tuesday run if they want to. P.S. If they want their P.C. to boot this is written by Gareth Corfield. So Sophos has released a statement that says hey if you’re using our product and you want to use your computer you had to roll back the Microsoft patches. That seems like a bad idea if you ask me. So not just like one patch all of the patches the full patch Tuesday kit they want you to roll it back. And to top things off when asked if they had a plan or what’s going to how are they going to update what’s going on. They said Sophos is working diligently on determining the issue and will provide ongoing customer guidance. Not that we will have an update for you in a week. Give us three days just hey we’re working on it. So if this was any other regular Patch Tuesday for Microsoft I wouldn’t be too concerned with it. But this was a pretty big deal there from where we talked about this that one of the vulnerabilities is worm rule just like they used in want to cry one encrypt whatever you want to call it. So it’s a pretty big deal and it affects all it all the way down to Windows XP. Even released patches for Windows XP. So this isn’t just some run of the mill AII right remote cold vulnerability. This is a pretty big deal. So interesting I hope Sophos fixes this quickly. It’s been a bad couple of weeks in general for every provider with everything that happened with Matt McAfee and trend and Symantec last week with their source code and now this was Sophos it’s tough to be in a vendor right now.
All right. Next from the threat post dot com slack bug allows remote file hijacking malware injections. So a researcher from tenable David Wells. I apologize. This article is written by terrorists seals a researcher from tenable named David Wells discovered a bug in Slack desktop version 3 2 3 7 4 Windows only that essentially allows an attacker to post a link into a slap or a link into us. Slack channel that is used to download a document in essentially in that protocol it allows them to change the destination of where that file is located to a local SMB share, therefore, downloading something other than intended. So somebody could put in a link to a Google Doc and all of a sudden that link now turns into an SMB file sharing your downloaded good piece of malware. So there’s erm it’s remote exploitation both authenticated and unaffected users malware and more. I mean so it goes into detail here. And as you know slack is pretty large. So the this is mitigated currently by upgrading to the next version to three top to zero. So I highly I mean this is obviously already been fixed. So go upgrade your Slack client on windows if you’re using it. Interesting that we don’t see a ton of slack stuff. So next from security Wycombe by Edward Kovacs team view confirms it was hacked in 2016.
This should not come as a surprise as many issues as Team viewers had over the years. One more thing for them. So apparently they were targeted in 2016 by a piece of Chinese malware we’ll just call it that for now. Or let me rephrase that a piece of malware that is commonly used by the Chinese they go on to talk about how they did their full you know they did the research they did the forensics and everything and nothing was stolen. So the direct quote independent experts conducted a thorough investigation using all I.T. forensic resources available and found no evidence that the security of our users or their I.T. systems was affected in any way. Yeah, I took those with a grain of salt right. I know there’s a lot of good forensics people out there everywhere you go. I just sometimes you just wonder right. Is there things that you didn’t see. There probably is. So we’ll take that statement with a grain of salt. Once again team view confirms it was hacked in 2016. All right, folks, that’s it for Monday, May 20th. Twenty nineteen everybody has a wonderful week. Hey, it’s a three day weekend for those in the United States coming up so just finish strong right and if you’re taking off Friday Whew boy a four day weekend so everybody finishes strong. Have a good week and we’ll talk tomorrow.