https://nakedsecurity.sophos.com/2018/12/17/monday-review-the-hot-19-stories-of-the-week-30/
Month: December 2018
Worst passwords list is out, but this time we’re not scolding users
What a wonderful thought and a great step in the right direction – Let’s deny the use of the 10,000 worst passwords. I am being serious as is this article. It is time to stop simply laughing at the poor decisions of our end users and begin to build controls and limitations on poor password decisions. It is time to mandate better credentials – passphrases, multi-factor authentication requirements, and proper password management tools. It is time for webmasters and sysadmins to pick up the torch of password security and quick bending to the whim of a lowest common denominator approach to end user management.
Patch Tuesday – December 2018 Edition
There are plenty of issues to address with this most recent batch of patches and updates from Microsoft, Adobe and others. Review your environments and please patch accordingly.
https://krebsonsecurity.com/2018/12/patch-tuesday-december-2018-edition/
https://www.infosecurity-magazine.com/news/microsoft-adobe-patch-100-bugs/
Sophos Weekly Recap
Microsoft is embracing Chromium, bringing Edge to Windows 7, Windows 8, and macOS
This is an intriguing development, even for Microsoft. The implications of porting Edge to non-Microsoft platforms have the potential to be far reaching for both developers and businesses tied to compatibility requirements surrounding the Microsoft browser platform.
Adobe Flash Zero-Day Spreads via Office Docs
The ongoing battle against the exploitation of Adobe Flash continues. This is but the latest in a long line of flaws and vulnerabilities to plague Flash and its brothers and sisters in the Adobe family of products. Please review your environments and patch accordingly. Also, take the time to educate your users to the nature of this particular exploit.
Virtual Sweater Vest 