Get a Pentest and security assessment of your IT network.

News

Hacking Windows Server Update Services to infect enterprises

The Windows Server Update Services (WSUS) does not use SSL encrypted HTTPS delivery of the SOAP (Simple Object Access Protocol) XML web service. The lack of encryption opens the door to man-in-the-middle (MitM) attacks, this means that an attacker can inject malicious code in the legitimate traffic. The attackers can alter Windows Update by installing malware in the metadata of the update. The researchers demonstrated the attack at the Black Hat 2105 conference in Las Vegas, a detailed paper titled Compromising the Windows Enterprise via Windows Update is available online.”]

Source: https://securityaffairs.co/wordpress/39208/hacking/hacking-windows-server-update-services.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Who and why is attacking companies in the Nordic Countries?

News

Social Networks Part 1 Who exactly are you disclosing your life story to?