Risk Radar Free Cyber Newsletter – Mar 14, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Adobe Fixes Six Code Execution Bugs in Flash
Adobe has fixed six code execution bugs in Flash. If you are still using Flash it would be good to get this update ASAP. There are currently no known exploits in the wild, but with the way Flash exploits are used you should update sooner rather than later.
IT Workers Expect Industrial Internet of Things Attacks to Rise
As more information comes in the IoT is becoming a growing security concern. Industrial IT workers see IoT devices used in industry as a growing weak point of industrial security. Most IoT devices are not developed with security in mind.
SAP Patches Critical HANA Vulnerability That Allowed Full Access
If you are a user of SAP cloud-based business platform HANA you will be glad to know critical vulnerabilities are being patched.  The vulnerabilities will allow full access of the HANA platform. There are currently no known exploits in the wild targeting HANA.
Facebook Bans Developers from Using Data for Surveillance Tools
Facebook has changed the way developers can use data. The user data can’t be used to create surveillance tools.  This change seems to be in response to criticism from the American Civil Liberties Union. This change in user data covers Instagram also.
Home Depot to Pay $27.25m in Latest Data Breach Settlement
It business it does pay to have a comprehensive security plan. Home Depot is seeing the consequences of poor security practices that lead to a data breach two and half years ago. Home Depot has agreed to pay 27.25 million to affected financial institutions.
LinkedIn Breach: Weak Passwords Are the Norm
The LinkedIn data breach shows what most security professionals suspect. People use week passwords and they re-use the week passwords in other places. You can improve personal and business security by using long nonsensical pass phrases and a password manager, at a minimum do not re-use passwords.