Gift That Keeps On Giving →
via Steve Ragan, writing at CSO, comes a story of renewed interest in one of the older attackable network interefaces known - namely, the venerable Server Message Block (SMB) protocol, utilizing the equally old (two decades plus) UNC Share Block abuse . Interestingly, the number of vulnerable software platforms have increased exponentially, due to the know blossoming vector that can include both HTTP and HTTPS. Oops.
SPEAR, the research team at Cylance, has discovered new attack vectors for an 18-year-old vulnerability in Windows Server Message Block (SMB). The updated attack vector, called Redirect to SMB, impacts products from Microsoft, Apple, Adobe, Symantec, Box, Oracle, and more. - via CSO's Steve Ragan