Security News

Week in review: IIS zero-day, iOS scareware, new issue of (IN)SECURE (Help Net Security)
2017-04-03 02:16

Here’s an overview of some of last week’s most interesting news and articles: Like it or not, “cyber” is a shorthand for all things infosec We have lost the cyber war. No, not that cyber war....

Old Microsoft IIS Servers Vulnerable to Zero-Day Exploit (InfoRiskToday)
2017-03-31 16:18

WONTFIX: No patch for Windows Server 2003 IIS critical bug Microsoft (The Register)
2017-03-31 01:33

Actively exploited zero-day in IIS 6.0 affects 60,000+ servers (Help Net Security)
2017-03-30 14:15

Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited by threat actors at...

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched (Threatpost)
2017-03-29 19:15

Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0. The zero-day has been under attack since last July, the researchers said.

Millions of Websites Affected by IIS 6.0 Zero-Day (SecurityWeek)
2017-03-29 17:18

MS16-058 - Important: Security Update for Windows IIS (3141083) - Version: 1.1 (Microsoft)
2016-07-26 17:31

IIS Level SQL Injection Prevention (Reddit)
2015-09-04 15:53

IIS 6.0 users are heading towards new security dangers (Help Net Security)
2015-07-10 06:25

RiskIQ has discovered that 24 of the top 30 FTSE-listed companies in the UK are running web servers that will be out of support in less than a week, posing a potential security risk to both them and t...

Setup your IIS for SSL Perfect Forward Secrecy and TLS 1.2 Hass (Reddit)
2015-06-05 14:11