Security News – Verizon 2015 DBIR and MS15-034

Some important security news you should be aware of…

Each year, many large organizations publish their annual security report…many are good, some are not. One of the best is Verizon, which has been publishing their annual Data Breach Investigation Reports for many years. Their report for 2015 is out, and is a must-read if you are involved with network security. You can download a copy here. Note…it asks for you to opt-in for other announcements from Verizon, but there is a “Download Only” link available if you prefer.

Microsoft has released a Security Bulletin (MS15-034) for a rather nasty vulnerability with how Windows handles HTTP stack requests. Although most Windows clients would not have any applications running that would handle HTTP requests, that is not the case for Windows Servers (especially IIS). If you manage Windows servers, you need to quickly take a look at this Bulletin…there are active exploits in the wild already.