Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.
|
|
| Adobe issues Patch Tuesday fixes Flash and other Adobe software are getting patches today. Three of the four are rated critical, if you are using Adobe software check for patches. Recent studies have shown that flash is still a common vector for PC exploitation. If you are using Flash on non-Window OS’s you still need to update. Industroyer Malware Detected, Linked to Kiev Attack Malware researches at ESET have discover malware capable of taking down the power grid of a city. The attack uses known protocols of the industry, four payloads are used to gain control of switches and circuit breakers at an electrical substation. While this attack has been linked to Keiv it could be used against any electrical grid. |
|
|
Free Mac-Based Ransomware-as-a-Service MacRansom Surfaces Researchers have discovered a Mac based ransomware as a service. The attack uses a zip file that requires the user to allow (it is from an unknown developer) it to run. The rest of the attack is described in the article. It seems like this attack will have limited success since the zip file is flagged as being from an unknown developer. It will be interesting to see how these malware/ransomware attacks effect Macs going forward. |
|
| Half of Third-Party Software Components Are Outdated As the OS’s do a better job of security third party applications make an effective target. A study from Synopsys shows that up to half of third party applications are outdated. With WannaCry network admins and security personal are focused on OS patching. It pays to not overlook the third party applications on PCs in your networks |
|
| Curiosity Kills Security When it Comes to Phishing A study in Germany shows why is so hard to get users to stop clicking those phishing links. It basically comes down to curiosity. Our inherent human curiosity is used to trick users into clicking all those phishing links. |