Updating software on employee workstations is a never-ending, constant process. Thus, you may simply lack the resources to keep updating all software. On average, dozens of new vulnerabilities are found every single day; accordingly, many hundreds and even thousands of patches for them are released every month. This poses the question: what updates should be a priority? And there's no simple answer to that. Patching strategies can be very different, and finding the one that works best for your company can depend on various circumstances. In this post, I share some thoughts on what software should be patched first — based on the potential risk of vulnerability exploitation.

Got any vulnerabilities on your system?

Some people believe that the number of discovered vulnerabilities speaks of the given software's quality. Simply put, more bugs means worse software, and a lack of any ever reported means that the software is great. These considerations then affect their choices of corporate software. But this is, of course, a misperception: the number of detected vulnerabilities generally speaks of the program's popularity, not its quality. You can find bugs anywhere. And most of the time, bugs are discovered where people look for them. A company could get by using some long-forgotten software product just because nobody ever found any vulnerabilities in it. But that would be an unwise strategy: what if someone actually tries and succeeds in discovering a whole load of them right away?

In a nutshell, it's not the number of bugs that matters, but how quickly patches for them come out and whether they actually fix the problems. Quick and regular patching is a good thing. Rare, sporadic releases — with the vendor trying to pretend that nothing bad has happened — are a disturbing sign; such software should be avoided. Another good thing is when the developer runs a bug bounty program — even better if the program is open to everyone. A bad thing is a vendor threatening to sue bug hunters (yes, it happens more often than one would imagine), or worse: dragging people to court for reporting vulnerabilities.

Operating systems

But let's get back to patching prioritization. The obvious candidates for the highest priority are operating systems. All-important OS updates must be installed as quickly as possible.
The risk is self-evident: a compromised OS is the key to the rest of the computer's software. So if you use Windows, it's in your best interests to at least look through the list of Microsoft updates on the second Tuesday of each month, and install them ASAP. But you should still follow the news: if a Windows patch comes out on a different date, it should be installed right away.

Browsers

There are several solid reasons to prioritize browser updates. Firstly, browsers account for much of our digital activity these days. Secondly, browsers by definition interact with the internet, so they're among the first to be affected by any cyberthreats. Thirdly, attackers spare no effort looking for browser vulnerabilities, often succeed, and quickly turn to exploiting them. So try to install browser patches pronto. Additionally, don't forget to restart your browser after an update: until you do, the old, vulnerable version remains in use.

Keep in mind that your system may have more than one browser installed. They all need timely updates. And speaking of multiple browsers, there's a couple of things to keep in mind:

- Internet Explorer: hardly any user's free choice anymore, but this browser is still featured on any Windows computer — and needs timely patching.
- Many desktop apps (for example, messengers) are based on the Electron framework — technically a Chromium browser opened in a web app. Don't forget to update them too, as they automatically inherit every Chromium flaw out there.

Office suites

Attacks through emails with malicious attachments are a classic cybercriminal move. They mostly rely on infected files — especially Microsoft Office and PDF documents. This means that office suite programs' vulnerabilities often serve as an entry point into the target company's network. Therefore, you should pay close attention to office software updates. In most cases, malware attachments don't open themselves — somebody has to click on them.
That's why it's important to provide information security training for your employees — for example, on our interactive educational Kaspersky Automated Security Awareness Platform. It's also a good idea to set up an internal communication channel with your information security department: on the one hand, to alert your employees about relevant threats and improve general awareness; on the other, to receive their reports on various suspicious activity, including in their email boxes.

Cybersecurity solutions

As mentioned above, vulnerabilities can be found in any software — and security products are no exception. Antiviruses and other information security applications need lots of high-level permissions to operate efficiently, so a successful exploitation of a security solution's vulnerability might cause very serious problems. Security software developers are aware of the potential danger of such a scenario better than anyone else. Therefore, they try to promptly respond to reported vulnerabilities and release updates ASAP. Of course, promptness is equally important when installing those patches. We recommend monitoring your security products' updates diligently and prioritizing their installation.

Work collaboration apps

One more software category that has earned special significance for office employees in the past decade requires special attention. I'm referring to work collaboration apps, such as Microsoft Teams, Slack, Confluence, and the like. In many companies these have gradually taken over a considerable part of business correspondence, file exchange, and conference calls. Naturally, collaboration tools have become an attractive target for cybercriminals: they can usually learn a lot of juicy things from the content that's transferred through collaboration apps. It's important to keep these apps up to date with the latest security patches. Here's one more reason not to postpone updating your collaboration tools.
As I mentioned above, every app based on the Electron framework is technically a Chromium browser — with all its vulnerabilities so popular among cybercriminals. And guess what? Electron is also quite a common framework for collaboration tools. For instance, it's the backbone of the desktop versions of both Teams and Slack. To protect employees' computers from hacking at those unpleasant moments when a vulnerability has already been found but a patch for it hasn't yet been released, be sure to use reliable protection on all corporate devices. By the way, a number of our solutions for business — including Kaspersky Endpoint Security for Business and Kaspersky Hybrid Cloud Security Enterprise — feature the built-in Kaspersky Vulnerability and Patch Management system that helps you automate and properly prioritize your software updates.
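The following is an added example, not code from the original post or from Kaspersky, showing how the prioritization rules above can be turned into a small ranking routine for one workstation's pending updates. It assumes a constructed inventory (the `App` records, their version strings and the `framework` attribute are all made up for illustration) and encodes the post's ordering as a tier table: operating system first, then browsers, office suites, security software, collaboration tools, and everything else last. Two details from the post are folded in: Electron-based apps are ranked with browsers because they embed Chromium, and an app whose on-disk version is newer than the version actually running is flagged as needing a restart. The restart check is applied to every app rather than just browsers, which goes slightly beyond the text.

```python
"""Patch prioritization helper (added example, not the post's or Kaspersky's code).

Orders pending updates on one workstation by the risk tiers described in the
post and flags updated-but-not-restarted apps, whose old build is still in
memory. All inventory data below is constructed sample data.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Lower number = patch sooner. Order follows the post's sections.
TIER = {
    "os": 0,
    "browser": 1,
    "electron": 1,   # an Electron app is a bundled Chromium, so same tier as browsers
    "office": 2,
    "security": 3,
    "collaboration": 4,
    "other": 5,
}


@dataclass
class App:
    name: str
    category: str                    # one of TIER's keys; anything else -> "other"
    installed: str                   # version currently on disk
    available: str                   # latest version the vendor has published
    running: Optional[str] = None    # version loaded in memory, if the app is running
    framework: Optional[str] = None  # constructed attribute, e.g. "electron"


def effective_category(app: App) -> str:
    """Electron-based apps inherit Chromium flaws, so rank them as browsers."""
    if app.framework == "electron":
        return "electron"
    return app.category if app.category in TIER else "other"


def needs_update(app: App) -> bool:
    return app.installed != app.available


def needs_restart(app: App) -> bool:
    """Updated on disk, but the old build is still the one running."""
    return app.running is not None and app.running != app.installed


def prioritize(apps: List[App]) -> List[Tuple[str, str]]:
    """Return (app name, action) pairs, most urgent first.

    'update' means a newer vendor version exists; 'restart' means the update is
    installed but the previous (vulnerable) build is still in memory.
    """
    work = []
    for app in apps:
        if needs_update(app):
            work.append((app, "update"))
        elif needs_restart(app):
            work.append((app, "restart"))
    # Sort by tier, then by name so the output is deterministic.
    work.sort(key=lambda item: (TIER[effective_category(item[0])], item[0].name))
    return [(app.name, action) for app, action in work]


# Constructed sample inventory for one workstation (versions are made up).
SAMPLE_INVENTORY = [
    App("Windows 11", "os", "22H2-2023-07", "22H2-2023-08"),
    App("Google Chrome", "browser", "116.0", "116.0", running="115.0"),
    App("Microsoft Teams", "collaboration", "1.6", "1.7", framework="electron"),
    App("Microsoft Word", "office", "16.0.1", "16.0.2"),
    App("Endpoint Protection", "security", "12.1", "12.1", running="12.1"),
    App("Slack", "collaboration", "4.33", "4.33", framework="electron"),
    App("Confluence Desktop", "collaboration", "2.0", "2.1"),
    App("Legacy Calculator", "utility", "1.0", "1.1"),
]

if __name__ == "__main__":
    for name, action in prioritize(SAMPLE_INVENTORY):
        print(f"{action:8} {name}")
```

Running it on the sample inventory lists the Windows update first, then the Chrome restart and the Teams update together in the browser tier (Teams is promoted there by its `framework` attribute), then Word, Confluence and the uncategorised utility. In a real deployment the inventory would come from the endpoint's package or registry data and the `running` field from the process list, which is exactly where a patch management tool adds value over a hand-maintained table.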
Duo's service outage last week, impacting schools and businesses, highlights how companies should build in resiliency and business continuity into their authentication schemes.
MSI and Microsoft warn about new Windows Preview blue screens on some motherboards, the latest mishap to raise questions over the reliability of hardware and firmware.
The National Crime Agency has been called in to investigate over fears that the data could be exploited by organized crime or terrorists to fabricate warrant cards, or to target officers in the force.
Security researchers are urging Azure Active Directory (AD) users to monitor for abandoned reply URLs after revealing a critical vulnerability in the Microsoft Power Platform.
The attack took place on Saturday. Threat actors transmitted a signal triggering an emergency status that stopped the trains near the city of Szczecin. According to the media, the attack stopped at least 20 trains and paralyzed the traffic for hours.
Lockbit v3, aka Lockbit Black, was detected in June 2022, but in September 2022 a builder for this variant was leaked online. The availability of the builder allowed anyone to create their own customized version of the ransomware.
"The binary now includes support for Telnet scanning and support for more CPU architectures," Akamai security researcher Larry W. Cashdollar said in an analysis published this month.
The UK’s data protection watchdog is urging victims of so-called “text pests” to come forward after revealing that nearly a third (29%) of 18–34-year-olds have had their personal information misused.
“The issue had an impact on a specific portion of our cloud-based infrastructure leading to downtime for a small number of cloud customers,” Leaseweb told customers in an email notification.
The updated software now supports a proof-of-work challenge called EquiX. Designed by Tevador, who developed Monero's proof-of-work algorithm, it is "a CPU-friendly client puzzle with fast verification and small solution size (16 bytes)."
On July 28, KittenSec claimed in a Telegram post to have hacked multiple Romanian government systems and posted a file containing roughly 36 gigabytes of data, including emails, documents, contracts, and healthcare-related data.
The Vulnerability Disclosure Policy (VDP) Platform has seen “tremendous growth” in onboarding 40 agency programs since its launch in July 2021, the Cybersecurity and Infrastructure Security Agency said Friday in a news release.
A Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil. It is also the latest phone spyware company in recent months to have been hacked.
The manifesto is aimed at organizations that use open-source components as dependencies in their own software, according to Brian Fox, co-founder and CTO of Sonatype and one of the authors of the manifesto.
The Rust Foundation was notified and it quickly removed the packages and locked the uploader’s account. GitHub was also notified and took action against the associated account.
In the era of data-driven decision making, businesses are harnessing the power of machine learning (ML) to unlock valuable insights, gain operational efficiencies, and solidify competitive advantage.
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack.
Zoom received some flak recently for planning to use customer data to train its machine learning models. The reality, however, is that the video conferencing company is not the first, nor will it be the last, to have similar plans.
Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit.
Debian Linux Security Advisory 5484-1 - Zac Sims discovered a directory traversal in the URL decoder of librsvg, a SAX-based renderer library for SVG files, which could result in read of arbitrary files when processing a specially crafted SVG file with an include element.
Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Red Hat Security Advisory 2023-4769-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include an information leakage vulnerability.
An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out its capabilities and the attack surface. "The binary now includes support for Telnet scanning and support for more CPU architectures," Akamai security researcher Larry W. Cashdollar said in an analysis published this month. The latest iteration,
Cyber attacks on e-commerce applications are a common trend in 2023: as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing and ongoing monitoring are necessary to fully protect web applications, identifying weaknesses so they can be
Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL. "An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens," Secureworks Counter Threat Unit (
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum said in a report published last week. The names of the packages, now taken down, are as follows:
Graham Cluley Security News is sponsored this week by the folks at PlexTrac. Thanks to the great team there for their support! If you are investing in solutions for continuous assessment and validation or breach and attack simulation, you know that managing the data and remediation efforts necessary to make real progress can be overwhelming.