
Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.
|
|
NSA’s DoublePulsar Kernel Exploit In Use Internet-Wide Some Windows server exploits live on for years, like Conficker which is around 10 years old. The DoublePulsar exploit may have the same staying power. Like Conficker, DoublePulsar has been patched by Microsoft. Remote code execution is possible from the DoublePulsar attack. If you use Windows server make sure you are using a recent version that is fully patched. Hard Target: Fileless Malware Ransomware was the exploit with the fastest growth rate in 2017. We don’t know if fileless attacks will take over ransomware, but we are seeing a big increase in 2017 fileless attacks. Computer memory and native windows tools are used to do the attack, when the attack is done no evidence is left behind on the hard drive. Mitigation of these fileless attacks will take a new approach to PC security. |
|
Employees Are Sharing Confidential Info at Alarming Rates For business owners’ employees could be the biggest danger to your confidential data. Employees are confused at what they should share and should not share. The need to get work done is winning out over data security. Business’ need to present a clear security plan to their employees regarding confidential data. It should be an annual training event. |
|
LinkedIn Apologizes After Privacy Snafu The latest LinkedIn iOS update had a feature that should have been opt in. The new feature prompted users to connect with nearby people in Bluetooth range. Microsoft has responded that this feature will be changed to opt in with more controls for the user. |
|
20 Linksys Router Models Vulnerable To Attack Multiple Linksys routers models have vulnerabilities that allow data to be pulled from the router network. IOActive has shown that 7,000 routers could be effected, they think as many as 100,000 could be effected. Linksys is working on an fw upgrade to fix these issues. For now Linksys recommends turning off the guest network setting, enable auto updates, and change default admin passwords. |