Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Share tech news, updates, or what's on your mind.

Sign up to Post

Subject of the week | Considering the recent Equifax breach, what are your top personal security tips?

Use different passwords for different sites! If someone gets a hold of your email/password combination, they'll just try it on every site. So a single breach can turn into a bunch of compromised accounts.
2
Concerto's Cloud Advisory Services
LVL 4
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

CyberNewsRundown.jpg
Cyber News Rundown: Edition 9/15/17

German Voting Software Raises Concerns

With German elections only a couple weeks away, researchers have been working to determine how secure the voting systems really are. Per a recent study, the software being used contains multiple vulnerabilities that could lead to devastating results if the election is compromised. Meanwhile, the software creator maintains there is nothing wrong with the system and any tampering would only lead to confusion, rather than truly affecting the vote’s outcome.

Upgraded Android OS Slows Tide of Overlay Attacks

While overlay attacks are nothing new to Android™ users, the Toast window is a surprisingly fresh take on this technique. Google has already patched the issue being exploited, but many users unintentionally fell victim and gave permissions to a malicious app using the Toast window overlay on a legitimate page to spoof the users input. This type of attack can range from simply installing an annoying piece of malware on the device, all the way up to locking the device down and demanding a ransom.
2
Gain valuable virtualization processes skills that allow you the ability to store data, prevent vulnerabilities, and replicate environments for fast deployment. Enroll in September’s Course of the Month today!
0
Capture.JPG
Cyber News Rundown: Edition 8/25/17

The Cyber News Rundown brings you the latest happenings in cyber news weekly.
If you have any other questions, just ask!





UK NHS Database Exposes Over 1 Million Patient Records
During the past week, a breach was discovered in patient booking system SwiftQueue, which is widely used by several National Health Service (NHS) facilities. The database may have contained patient information for up to 1.2 million UK citizens, though the actual data has yet to be fully examined. Even worse, attackers now claim they have found additional SwiftQueue vulnerabilities and are in possession of all 11 million records stored by the company.

Booking Provider’s Data Found in Public Data Dump
Researchers recently discovered a large customer data dump in a publicly-facing Amazon S3 bucket. The data in question belongs to Groupize, a groups and meetings solution, and contains everything from customer interactions to full credit card information used to book hotels and other meeting spaces. Fortunately for anyone who has used the service, the data was properly secured within a week of the discovery.

Phishing Site Hosted on .fish Domain
1
Look out for this patch and be diligent in implementing it to the machine. Here is one vulnerability (CVE-2017-8620) that has high potential to be of parallel to the WannaCry and NotPetya vulnerabilities -- it is described as 'The Next WannaCry Vulnerability'. Finally, if patching is planned but delayed, Microsoft's recommended temporary mitigation against CVE-2017-8620 should be deployed: disable the WSearch facility within Windows.

http://www.securityweek.com/patching-against-next-wannacry-vulnerability-cve-2017-8620
2
 
LVL 8

Expert Comment

by:Senior IT System Engineer
So is this already distributed in the Windows update this month or not yet ?
0
 
LVL 64

Author Comment

by:btan
Yes I was released already.
0
0
 

Expert Comment

by:Pierre Ammoun
Where can I find basic guidelines to "educate the users" on being careful about malware ransomware ?
1
 

Author Comment

by:Alix Postan
Hi Pierre! That's a great question! Here are some links to some articles that I think would help educate users about being careful about malware:

1) 7 Things About Information Security Your Boss Wants to Know: http://www.uzado.com/blog/7-things-about-information-security-your-boss-wants-to-know

2) 7 Tips for Dealing with Internet Security Threats: http://www.uzado.com/blog/7-tips-for-dealing-with-internet-security-threats

3) 5 Best Security Blogs You Should be Reading: http://www.uzado.com/blog/five-best-security-blogs-you-should-be-reading

Hope that helps! Let me know if you need more articles!
0
Petrwrap, specifically, targets the Master File Table (MFT), which is essential for your computer to find files on the computer. By targeting the MFT, the ransomware is able to attack individual files faster than if each file were to be encrypted one-by-one. The good news is… that Petrwrap is detectable by anti-virus tools. Unfortunately, if the anti-virus scanner is delayed in catching it, Petrwrap can easily get a foothold into the computer system and spreads very quickly. Moreover, the encryption is so strong, that it is unlikely to be able to break through the software and recover files.
Check out our blog post on “Why Vulnerability Assessments Are Insufficient” for more information on securing your servers.


http://www.uzado.com/blog/why-vulnerability-assessments-are-insufficient
3
After the WannaCry ransomware attack, we sat down with Thomas Zucker-Scharff to get the inside information on the technology behind the attack and what steps you can take to prevent this in the future. Read more of his advice. Take a step toward your security by enrolling in our free Course of the Month covering ransomware security and prevention written by Thomas.

4
1
The world has now had time to recover and mitigate damage from the widespread WannaCry ransomware attack. We evaluated what it has left in its wake. Tallied damage includes:
 
More than 150 countries.
Currently $111,996.86 has been paid in bitcoin so far to decrypt files.
Around 16 of England’s National Health System organizations affected, with doctors resorting to pen and paper to complete patient records.
Renault, a European auto manufacturer, kept a French plant—that employs 3500 people—closed Monday, May 28th as a “preventative” measure.
 
Learn how to secure your data and prepare against future threats by taking our June Course of the Month covering ransomware prevention and preparation.

 
3
 
LVL 31

Expert Comment

by:masnrock
The sad part is a common failure in projects is failing to ask users for requirements.
1
 
LVL 123

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
The NHS does not consider the opinion of NURSES and DOCTORS worthy!

Very Wrong, and they wonder why, they are all leaving and retiring, now leaving a brain drain in the NHS!
0
Cyber Threats to Small Businesses (Part 1)
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

5
4
 
LVL 48

Expert Comment

by:Jackie Man
You need to install software like sophos intercept x in computers inside your network to block it.
3
 
LVL 7

Author Comment

by:Brian Matis
Personally, I'm just avoiding opening any Word docs from anyone I don't know... And to some extent, even from people I do know... Most of my document usage these days is with Google Docs, so it's pretty rare that I need a Word doc!
1

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.