info@qualityplusconsulting.com l 262.425.0026

Special note for Ubuntu users

Breakfast Bytes podcasts are streaming MP3. In order for Firefox on Ubuntu to play the streaming MP3, install the GStreamer extra plugins that list MP3 as one of the supported formats. GStreamer can be obtained through the Ubuntu Software Center.

Breakfast Bytes - Midyear Security Review - Part1

9/30/2016

 

 

Midyear Security Roundup - Part 1



 

Part 1 of the midyear security roundup. It is now easy to steal Windows credentials from a computer via USB even if the logon screen is locked. An important router security website you should check out. How IoT devices being improperly secured and segmented creates major issues for you.

MP3 - 2016 Midyear Security Roundup - Part 1

 
 

 

 

Trend Micro's 2016 Midyear Security Roundup

Ransomware is up by 172% as compared to last year. As I have talked about extensively before, you have to have advanced persistent threat detection and blocking technologies implemented in depth and in alignment with a cyber security kill chain strategy.

Go here for Trend Micro's article.

http://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup

 

It is easy to steal Windows credentials via USB even if the screen is locked

The Windows credentials can now be stolen by someone with physical access to your computer and with a device that can easily be obtained for less than $200. This is another example of why you have to use multifactor authentication everywhere including on your local Active Directory. In this case, your mitigation techniques are to:

  • Encrypt your full computer with BitLocker using a decryption phrase of at least 10 characters
  • Shut down (not just sleep) your computer when you are not home so that a break-in intruder cannot use this vulnerability
  • Use multifactor authentication even for local Windows authentication

Go here to see the security researcher's article on the topic.

https://room362.com/post/2016/snagging-creds-from-locked-machines/

 

 

Router Security Website

A website you should check to see if the router you are using is listed here.
This website covers routers that have miserable security and what is wrong with them.

http://routersecurity.org/bugs.php

 

KrebsOnSecurity Hit with Record DDoS

Read Brian Krebs article on the topic to learn how IoT devices are being used to hack and cause chaos.

https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/

Linkedin