[et_pb_section fb_built=”1″ fullwidth=”on” _builder_version=”3.13.1″ background_image=”https://www.mdsny.com/wp-content/uploads/2018/10/square-smb-phishing-1.jpg” background_position=”center_right” background_blend=”darken” custom_padding=”0px|0px|0px|0px”][et_pb_fullwidth_header title=”Breaching News: Week of 10/12/2018″ text_orientation=”center” background_overlay_color=”rgba(0,0,0,0.42)” title_font_color=”#ffffff” _builder_version=”3.13.1″ title_font=”Droid Serif||||” title_text_color=”#ffffff” title_font_size=”37px” background_color=”rgba(255, 255, 255, 0)” background_layout=”light”][/et_pb_fullwidth_header][/et_pb_section][et_pb_section fb_built=”1″ _builder_version=”3.0.65″ custom_padding=”12px|0px|0px|0px”][et_pb_row make_fullwidth=”on” custom_padding=”27px|1px|0px|2px” _builder_version=”3.0.65″][et_pb_column type=”4_4″ _builder_version=”3.0.65″ parallax=”off” parallax_method=”on”][et_pb_text _builder_version=”3.0.74″ text_font=”Droid Serif||||” text_font_size=”18px”]By Jen Trang Nguyen, MDS
Welcome to our series of blog posts dedicated to Cybersecurity Awareness Month! This month, we will update you with the latest security news, share some tips and tricks as well as a special announcement about our very own Cybersecurity Techxpo on October 23, 2018 here in NYC. Stay tuned!
[/et_pb_text][et_pb_image _builder_version=”3.0.74″ animation_style=”slide” animation_direction=”left” animation_duration=”500ms” animation_intensity_slide=”10%”][/et_pb_image][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built=”1″ _builder_version=”3.0.74″ background_color=”#e8e8e8″ custom_padding=”0px|0|15px|0px|false|false”][et_pb_row make_fullwidth=”on” custom_padding=”22px|0px|0px|0px” _builder_version=”3.13.1″][et_pb_column type=”1_2″ _builder_version=”3.0.65″ parallax=”off” parallax_method=”on”][et_pb_text _builder_version=”3.0.74″ text_font=”Droid Serif||||” text_font_size=”18px” inline_fonts=”Droid Serif”]
What a week for security news. Constant breaching, countless user information exposed, and many IT security professionals losing sleep at night.
This week, we are bringing you the round-ups.
From Google, Microsoft, Adobe to governments, it seems like nobody’s data is safe these days
1. Google shuts down Google+ after a user data breach of up to 500,000 profiles.
WSJ reported Google quietly patched up an API bug that exposed the personal data of its users to outside developers in March 2018. It didn’t alert the public, and thus is in hot water with Congress. Say goodbye to your “less than 5 seconds” Google+ sessions (per the company’s report). Google opens up a G Suite security threat alert for businesses in response to the backlash. Funny, you know, because Google just criticized Apple for Safari bugs.
2. Apple patches critical vulnerabilities in iOS 12.
Speaking of Apple, the iOS giant just released a new update to patch two vulnerabilities, one in QuickLook and the other in VoiceOver. These vulnerabilities would allow you to bypass the iOS lock screen and see contacts, photos, emails, and telephone numbers. If you have an iPhone, it’s time to update your iOS from 12 to 12.0.1.
3. Microsoft released updates to fix 12 critical vulnerabilities
It seems like Microsoft can’t catch a break with these updates. After users reported multiple files missing with the new update, Microsoft pulled it off, issued an announcement for its users not to update just yet, and rolled out another one on Tuesday to fix this missing file issue (along with other critical vulnerabilities). Kaspersky also reported a new security exploit in Microsoft Windows OS. Windows 10 is facing a big quality test, much like the US government this upcoming midterm election.
[/et_pb_text][/et_pb_column][et_pb_column type=”1_2″ _builder_version=”3.0.65″ parallax=”off” parallax_method=”on”][et_pb_image src=”https://ci5.googleusercontent.com/proxy/SgNXUsMLxCsBSffRIn_7diHM9kr3FXtZ24iQIRR2muTAGkNMoeLuc_vtO0Egf-B2zIehIQIXgJzHBbmVYjbgRag7t0kixTjHkNSfWL2mY2gnHzGSlJ1yl6v5XrI8H6aSlZJv=s0-d-e1-ft#https://www.morningbrew.com/stories/wp-content/uploads/2018/10/GooglePlus.png” _builder_version=”3.13.1″ max_width=”59%” animation_style=”slide” animation_direction=”left” animation_duration=”500ms” animation_intensity_slide=”10%”][/et_pb_image][/et_pb_column][/et_pb_row][et_pb_row make_fullwidth=”on” custom_padding=”1px|0px|0|0px|false|false” _builder_version=”3.0.65″][et_pb_column type=”4_4″ _builder_version=”3.0.65″ parallax=”off” parallax_method=”on”][et_pb_text _builder_version=”3.0.74″ text_font=”Droid Serif||||” text_font_size=”18px”]
4. The government is facing multiple hacking attacks
Speaking of vulnerabilities… After DefCon showed how easy it is to hack the votes, it seems like the government has much more to worry about:
– Security firm uncovers new cyber group targeting government, military sectors in espionage campaign.
– The military’s cyber defenses are in appallingly bad shape.
– Lesser-skilled cybercriminals adopt nation-state hacking methods.
– These are the hackers targeting the midterm election.
5. Adobe security fixes ignored Flash Player
Kind of ironic, since some harmful software is waiting to update your Flash player for you and install crypto malware with it. As Adobe is retiring Flash in 2020, it placed less importance on the once-popular internet plugin. However, this exposed Flash to high vulnerability.
6. BONUS: Your fitness data with FitMetrix is exposed, too.
The reason? Servers with no password. Millions of customer data are affected by the breach.
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row make_fullwidth=”on” custom_padding=”1px|0px|16px|0px|false|false” _builder_version=”3.0.65″][et_pb_column type=”4_4″ _builder_version=”3.0.65″ parallax=”off” parallax_method=”on”][et_pb_text _builder_version=”3.0.74″ text_font=”Droid Serif||||” text_font_size=”18px”]That concludes our Breaching News for this week. What a week to be in IT security!
Don’t wait until sensitive data is already in the sticky hands of hackers to react to a breach. Stay proactive with MDS and work with us to build out a custom, company-wide security protocol that is effective and easy to maintain.
[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.0.74″ background_color=”#8d8c91″ custom_padding=”4px|0px|20px|0px”][et_pb_row make_fullwidth=”on” custom_padding=”10px|0px|27px|0px” admin_label=”row” _builder_version=”3.0.47″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.0.47″ parallax=”off” parallax_method=”on”][et_pb_cta title=”Pulling the plug doesn’t have to be your only security solution.” button_url=”https://www.mdsny.com/contact/” button_text=”Contact Us” _builder_version=”3.0.65″ header_font=”Droid Sans|on|||” header_font_size=”31px” body_font=”Droid Sans||||” body_font_size=”19px” use_background_color=”off” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_button=”on” button_text_color=”#2d3743″]Don’t become part of a rising statistic — ensure your company is armed against a security hack.
[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]