It is important to know and understand the devices you have deployed throughout your organization and what roles those device play in the function and security of your environment. If you have any Cisco ASR 1000 devices in play, specifically on the edge of your network or with some form of public facing interface, take notice of this patch and apply as soon as possible. Given the ease of exploitation, this vulnerability will be leveraged in the wild.
I am excited to see NIST produce a new series of helpful guidelines and best practices. This SP 1800 has strong potential.
This is yet another disturbing vehicle hack, but in this case, the vulnerability lies in the OnStar related mobile app and not in the vehicle embedded system. At least the security stop gap does not mean you have to stop driving your car.
For those of you managing a big data analytics platform or repository, this article is for you. Teradata is a fairly popular platform and these types of vulnerabilities should be taken seriously. All systems should be part of a standardized patching cycle. No systems are bulletproof. Even airgaps can be overcome.
Michael Chertoff is an opinion worth heeding, so I would highly recommend reading through his comments on the dangers of mandatory crypto backdoors.
This is both some valuable statistical data to tuck away when preparing for a debate around preparedness as well as a nice outline of to-do’s from an incident response perspective.
Patching is always important, especially when related to core web infrastructure. If you use WordPress as your site’s foundation, now is the time to patch.