Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.
Here are the most interesting articles we’ve found this week that could be helpful to you:
If you don’t download and install security patches, you’re almost asking for trouble. This article proves the point: some of the most exploitable vulnerabilities already have patches available.
One of the most concerning findings was that the most commonly targeted individual vulnerability in the latter half of 2015 was CVE-2010-2568 in Windows Shell, according to Tenable Network Security EMEA Technical Director Gavin Millard.
“CVE-2010-2568, a vulnerability well known for its usage in the Stuxnet malware family in June 2010, has had a patch available since August 2nd 2010 but many systems are still being successfully targeted,” Millard told SCMagazine.com in emailed comments.
Interesting technique to get people to plug in a rogue USB drive. Would you fall for this trick?
As users started to become educated about rogue USB drives, we changed the rules by purchasing memory sticks branded with their company name and logo. Sometimes we attached them with a lanyard also printed with the corporate insignia. In some cases, we placed them on the desks of individual users, and in other instances, we physically mailed them to the individual. In all scenarios, users still plugged the devices in and ran whatever exploit we stored on the drive.
Adobe Flash continues to be a hacker’s best friend.
The company issued a warning about the zero-day — previously unknown and unpatched — vulnerability on Tuesday, saying that it is aware of an exploit available in the wild. The flaw, tracked as CVE-2016-4117, was reported by security researchers from FireEye.
I almost can’t believe someone from Adobe was quoted saying the following for this article.
However, while an exploit for CVE-2016-4117 is known to exist in the public domain, the company is not aware of any active attacks using it, an Adobe spokeswoman clarified Thursday via email.
Even antivirus platforms can provide an attack surface.
“This is a remote code execution vulnerability. Because Symantec use a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link is enough to exploit it,” Ormandy said in his explanation.