Weekly InfoSec Roundup 01/05/18

Happy New Year from the Brinqa team, let’s kick off the new year with some interesting InfoSec news. Our first week into the new year and we are already hitting the ground running. With Meltdown-Spectre affecting almost every device and the macOS Exploit that can be found in every macOS since 2002  means there is a lot to cover this week!

 

  • A Pragmatic Approach to Fixing Cybersecurity: 5 Steps

  • “The digital infrastructure that supports our economy, protects our national security, and empowers our society must be made more secure, more trusted, and more reliable. Here’s how.”
    Read More

 

  • 17 Things We Should Have Learned in 2017, but Probably Didn’t

  • The worm has returned and the Yahoos have all been exposed, but did 2017 teach us any genuinely new lessons we shouldn’t already have known?”
    Read More

 

  • Patching Takes More than a Fortnight for Many Firms

  • “The major WannaCry and NotPetya ransomware outbreaks of 2017 appear to have had little if no impact on organizations’ approaching to patching, with visibility into systems still crucially missing in many cases, according to Ivanti.”
    Read More

 

  • macOS Exploit Published on the Last Day of 2017

  • On the last day of 2017, a security researcher going online by the pseudonym of Siguza published details about a macOS vulnerability affecting all Mac operating system versions released since 2002, and possibly earlier.”
    Read More

 

  • Google Patches Multiple Critical, High Risk Vulnerabilities in Android

  • “Google patched several Critical and High severity vulnerabilities as part of its Android Security Bulletin for January 2018.”
    Read More

 

  • The Internet of (Secure) Things Checklist

  • Insecure devices put your company at jeopardy. Use this checklist to stay safer.”
    Read More

 

  • DHS Admits Major Leak Affecting 247,000 Employees

  • The US Department of Homeland Security (DHS) has confirmed a major privacy leak affecting nearly a quarter of a million employees as well as others associated with departmental investigations.”

    Read More

 

  • Windows Meltdown-Spectre patches: If you haven’t got them, blame your antivirus

  • “Microsoft says your antivirus software could stop you from receiving the emergency patches issued for Windows”

    Read More

 

  • No one is safe: 5 cybersecurity trends for 2018

  • “The theme of cybersecurity in 2017 was “no one is safe.”Any consumer who managed to emerge from the Equifax, Yahoo, OPM and a host of POS breaches unscathed should consider entering the lottery. And any company that escaped 2017 without a cybersecurity crisis should should give its security team a raise.”

    Read More

  • Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch

  • “Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.”

    Read More

 

  • Zero-day vulnerabilities hijack full Dell EMC Data Protection Suite

  • “Security researchers have discovered a set of zero-day vulnerabilities within the Dell EMC Data Protection Suite Family products which allow attackers to fully hijack systems.”

    Read More

 

  • Industry Reactions to Meltdown, Spectre Attacks: Feedback Friday

  • Researchers disclosed this week the details of two new attack methods allowing malicious actors to gain access to sensitive information stored in a device’s memory by exploiting security holes in Intel, AMD and ARM processors.”

    Read More

Stay updated with our blog posts

Enter your email address and you'll be notified about our new posts

  • This field is for validation purposes and should be left unchanged.
© 2019 BRINQA | Legal | Terms