Frankly, the statistics in this article are not surprising, but they are concerning from a security perspective. The burden involved in isolating, securing or otherwise managing legacy systems is tremendous for most organizations, and yet the overall reduction in risk is minimal. At the end of the day, these machines can no longer be properly patched and will remain seriously vulnerable to compromise.
This is incredibly disturbing, especially for the millions of Americans relying on these medical systems for their health and well-being and, in many cases, their very lives.
This concerns me. Fear associated with the patching process has the potential to be one of the greatest weaknesses in the overall security of organizations. If a business is afraid to apply patches due to potential vulnerabilities in WSUS, then a significant battle is lost and all of the organization’s endpoints are at risk. According to this demonstration at Black Hat, there is a solution in the form of SSL with proper certificate management, but Microsoft has placed that burden on the end-user organization. This issue should be addressed, and it should be addressed quickly.
This is lovely news to ponder on the Friday morning before Christmas! Be aware and conscious of these types of threats. Update firmware and/or replace your routers and firewalls with more hardened devices. ’Tis not the season you want to be vulnerable to the bad guys.
This article should be largely self-evident, but it is very easy for new PC owners to overlook the value of A/V when that trial version expires. There is honestly no excuse for this, thanks to the large number of free and low-cost A/V solutions. Microsoft provides a respectable option in Microsoft Security Essentials (http://windows.microsoft.com/en-us/windows/security-essentials-download).
The ability to find and/or remotely wipe stolen or lost smartphones has always been important, but in the age of growing mobile payments via smart devices, this feature is all the more crucial. A potential flaw in Samsung’s offering is a significant red flag, and a potential boon for iPhone proponents.