Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

5 Security Things to Know for the Week of May 15

Follow Trustwave on Twitter, connect with us on LinkedIn and like us on Facebook

1)  A historic, fast-spreading ransomware worm attack that used a stolen exploit, slowed only by a "kill switch" flaw in its own design, struck companies in more than 100 companies running unsupported versions of Windows - and more damage may be yet to come.

2) To additionally help halt the spread of the worm, Microsoft took the unusual step of issuing emergency patches for no-longer-supported operating systems.

3) In addition, the company called out government "exploit stockpiling" after it was discovered that the attack copied hacking tool methods stolen from the U.S. National Security Agency.

4) Microsoft (and Adobe) kept busy even before WannaCry, issuing the May monthly patch update, while a day earlier it distributed an out-of-band fix for a "crazy bad" wormable Windows zero-day.

5) Google tightened its OAuth policies to defend against phishing attacks in light of the Google Docs scam.