Sophos Weekly Recap

https://nakedsecurity.sophos.com/2017/09/18/monday-review-the-hot-24-stories-of-the-week-23/

U.S. Govt Orders Purge Of Kaspersky Products From Its Networks

Should we really be shocked that an organization co-founded by a KGB-educated individual, which continues to perform project work for the Russian FSB, is not deemed trustworthy by the United States government after the election cycle of 2016? I believe the phrase “better safe than sorry” is a bit of an understatement.

https://blog.knowbe4.com/u.s.-govt-orders-purge-of-kaspersky-products-from-its-networks

https://www.infosecurity-magazine.com/news/us-government-bans-kaspersky-lab/

Post Patch Tuesday Roundup

Patch Tuesday has come and gone, and we now have updates from Microsoft, Adobe and others to consider. The biggest news in this most recent cycle is a critical update in Microsoft’s patch bundle that addresses a zero-day threat that is being actively exploited in the wild. There are also several patches available from multiple vendors, including Microsoft, to address the “BlueBorne” vulnerability, which allows for Bluetooth-associated man-in-the-middle attacks. Please review all your core systems and products and patch accordingly.

https://www.infosecurity-magazine.com/news/microsoft-patches-blueborne/

https://www.darkreading.com/vulnerabilities---threats/billions-of-bluetooth-devices-vulnerable-to-code-execution-mitm-attacks/d/d-id/1329857

https://threatpost.com/microsoft-patches-office-zero-day-vulnerability/127946/

https://www.us-cert.gov/ncas/current-activity/2017/09/12/BlueBorne-Bluetooth-Vulnerabilities