Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » 18-year-old bug can be exploited to steal credentials of Windows users

18-year-old bug can be exploited to steal credentials of Windows users

2015/04/14

Help Net Security - (International) A Cylance researcher identified a new technique for exploiting an 18-year-old flaw in Windows Server Message Block (SMB) in all versions of Windows operating systems (OS) which allows attackers to intercept user credentials by hijacking communications with legitimate Web servers via man-in-the-middle (MitM) attacks that send them to malicious server message block (SMB) servers that reveal victims' usernames, domains, and hashed passwords

Source: http://www.net-security.org/secworld.php?id=18210

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:04