After the major threats and hacks of last year targeting some of the biggest global enterprises made headlines; cyber security has earned its position as one of biggest topics and concerns for 2018. Stay in the know with the latest trends, news topics and threats in the internet security space to help your business stay informed and on alert.
Industry Updates
Zero Day Dropped: Kernel Flaws Identified in Apple’s macOS Enables Full System Compromise
A zero-day vulnerability, dubbed IOHIDeous is said to affect all versions of Apple’s desktop operating system going back 15 years (macOS); was identified in what’s being called an unorthodox “New Year’s gift”. This security threat however brings no gifts to its victims; as detailed by the developer and hacker who discovered and exploited the vulnerability; this type of operating system flaw allows for an attacker to escalate privilege, run arbitrary code and gain root access. Along with releasing proof of concept code, the hacker who identified the threat also disclaims this type of risk cannot be exploited remotely and is easily noticeable as with it comes a full system compromise that takes down the computer’s UI. However despite disclaiming these lessening risks; this threat poses major harm to enterprises and their macOS networks whose systems can be exploited and compromised by internal entities.
Industry Updates
NIST’s Proposes Revisions to Cybersecurity Framework in its Efforts to Help GOV Agencies Better Manage Risks
Charged and entrusted with safeguarding critical information and the systems they manage; federal agencies have been ordered to use the National Institute of Standards and Technologies Framework to manage their cyber security. Along with this White House order originally issued in May of 2017; such agencies have also been made accountable for managing enterprise cyber security risk and have been directed to include senior execs with expertise in IT and security to help lead integrated teams.
Driven from this executive order and the groundbreaking hacks and breaches of recent years; the NIST organization has released its refined Risk Management Roadmap to help users better understand how to manage and amplify their cybersecurity while also summarizing its relevance and utility for organizational self-assessment. As our most entrusted agencies are moving forward with this new code of standard and more importance is put on implementing IT into top-level teams; they are not alone. All enterprises who seek to protect themselves against the growing threats in the business space will find themselves pushed towards evolving their cybersecurity protection in order to stay safeguarded from attack.
Industry Updates
Major Security Flaw Impacts all CPU Devices
After last week’s discovery of two major security flaws being called Spectre and Meltdown; business organizations and tech device users around the country scrambled to protect themselves from the first ever CPU security threat. Affecting nearly 90% of users in the PC and laptop market alone, researchers identified these problematic flaws could be linked back to Intel, ARM and AMD chips through which malicious code can be written on, allowing an attacker to see sensitive information stored on the device.
Passwords, network connections, confidential files, and basically anything and everything stored on a system’s hard drive or network is made accessible through these CPU flaws.
Devices affected include those running Mac and Windows operating systems as well most smartphones and tablets. For instructions on how to protect your device view our full report
With an even larger possible threat tied to the backend systems of these flawed devices such as servers and cloud networks; organization are also being urged to take further action in protecting themselves from these potentially devastating attacks targeting an enterprise at its core.
To learn more on how to protect you and your business, contact us for immediate service at: 1-800-985-1365
Cryptocurrencies are Exploding in Popularity and Driving the Escalation of Cryptojacking
With expanded acceptance from retailers, commercial operations and now even banking and financial institutions accepting cryptocurrencies; increasing activity has been seen in crypotjacking – a fraudulent act that mines encrypted funds through browsers without account holder knowledge or consent. This form of fraud presents a new set of risks to its victims who are not backed by federal institutions and regulations that protect government issued currency. However many are not surprised by this cryptic outcome. With the digital currency born out of the pseudonymous developer community; the potential threats of such decentralized currency has started to gain attention and overshadow the principle advantages it was built on. With the 4th largest hack in cryptocurrency reportedly taking $70 million in bitcoins in the December 2017 NiceHash hack, many investors are leaning weary to see what’s next for the encrypted marketplace.
Cyber Security Seen as Leading Concern for Directors in 2018
Rounding out 2017 as a game changing year for cyber attacks, executives are taking note and positioning themselves ahead of the risks as the stakes continue to rise in 2018. With immense impact made in the profound hacks of last year targeting Yahoo Inc., Equifax Inc., and Uber Technologies Inc.; it’s no wonder cyber security is quickly spreading as one of the leading concerns for boards and directors in the new year.
Required to adapt to this new landscape and the opportunity presented through emerging trends in both technology and the cyber space; organizations are better preparing themselves by evolving security protection along with their position in the marketplace. As potential threats and risk to come in 2018 have predicted widespread implications; one thing is for certain for large enterprises in the new year – if your network is not safeguarded you too will likely be in the headlines alongside other countless victims.
