Browser security is getting better and better. As a result, the bad guys have shifted their focus to Microsoft Office. At Kaspersky’s annual conference, researchers showed the changes in the threat landscape over the last two years. CSO reported that ...

 

Attacks on Microsoft Office Rising and more...




Attacks on Microsoft Office Rising

Browser security is getting better and better. As a result, the bad guys have shifted their focus to Microsoft Office. At Kaspersky’s annual conference, researchers showed the changes in the threat landscape over the last two years. CSO reported that more than 70% of all the attacks Kaspersky Lab catches are targeting Microsoft Office, and only 14% take advantage of browser vulnerabilities. Two years ago was a different story. Web-based vulnerabilities accounted for 45% of the attacks, while Microsoft Office had a 16% share.

Hacking browsers has become more expensive, thereby shifting focus to Microsoft Office. The Kaspersky researchers point out that the attacks are not directly on Microsoft Office but two related components. Two of the vulnerabilities exploit bugs found in Equation Editor. Cybercriminals prefer to use them because they can be found in every version of Microsoft Word released in the past 17 years. That’s a pretty wide attack surface. The recommendation is to install security solutions and updates as well as not opening links or files from untrusted sources.

Email: jsimek@senseient.com  Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com

 

Microsoft Update Breaks Some Anti-virus Software

Apparently, the April 9th security update from Microsoft wasn’t too kind to several anti-virus vendors according to a post on Threatpost. According to Microsoft, the update resulted in some computers having slow startup times, sluggish performance or becoming completely unresponsive. Several anti‑virus products are impacted. The current list includes Sophos Endpoint and Sophos Enterprise Console, Avira antivirus software, ArcaBit antivirus software, Avast and McAfee Security Threat Prevention 10.x and McAfee Host Intrusion Prevention 8.0.

Microsoft said, “After installing this update, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.” In other words, the update broke your computer. If you are running one of the impacted software, check with the vendor to see if there is a workaround until the problem is resolved. As an example, Avast is offering a “micro-update” that “should resolve the issue and restore functionality.”

Email: jsimek@senseient.com  Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com

 

TSA Approved Biometric Luggage Lock

Just because you can doesn’t mean you should. This can be the gift to give someone that has everything or it could be a really bad idea. At first blush, I’ll lean towards the latter. Believe it or not, you can now buy a TSA approved biometric luggage lock on Amazon. It will only set you back $55.99. At that price you should be able to buy at least six or more TSA approved combination luggage locks. Despite the high cost, let me say that I think these locks are a bad idea. Storing biometric data about you on a device that is generally accessible to strangers can’t be a good thing. Even at $56, you know the bad guys will find a way to easily capture your biometric data and use it against you.

The ironic part of this product is that you can’t (shouldn’t) use the lock for checked baggage. The lock needs power to keep the biometric data intact. Guess what? The lock requires a lithium battery to power up the electronics. In case you don’t know, lithium batteries are banned from the plane’s luggage hold. Somehow I don’t think that is going to deter anyone from strapping one of these hi-tech locks on their checked baggage. After all, they’re probably the same people that text and drive. Frankly, it makes you wonder how TSA could even approve the device.

Email: jsimek@senseient.com  Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com

 

Windows 7 - Out of Support in Less Than a Year

It wasn’t that long ago we lectured that it was unethical to continue to use Windows XP because Microsoft was no longer supporting it. No security updates means that you can no longer protect client confidential data. Well, that day is coming for Windows 7 too. The End of Life date for Windows 7 Service Pack 1 is January 14, 2020. The operating system will still work after the End of Life date, but you will be vulnerable to attack since there will be no more security updates. It’s more than just the operating system though. Expect vendors to stop supporting software running on Windows 7 as well. That means you won’t be able to count on your security software (e.g. Symantec, Kaspersky, Trend Micro, etc.) to protect you either. Upgrade to Windows 10 before January.

Email: jsimek@senseient.com  Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com

 

No Backdoor in LastPass Password Manager

Yet again, law enforcement asked the technology community to break the encryption protecting user’s data. As reported by Softpedia, the Drug Enforcement Administration (DEA) reached out to LastPass to gain access to Stephan Caamano’s password vault. Apparently, he is under investigation for trafficking a counterfeit drug and money laundering. When the DEA asked LastPass to crack into Caamano’s data the response was a big fat “nope, we can’t do it.” LastPass explained that password managers like LastPass do not store encryption keys on company’s servers, as all the data is decrypted on the user’s device. To state it another way, the data can only be accessed from the device where the password manager is installed and only when the master password is provided.

Good news indeed. Yet again, another reason to be using a password manager. I suppose the government will keep asking for backdoors to be built into technology even though it’s probably the second dumbest request the government could make. Your choice as to what the dumbest request would be.

Email: jsimek@senseient.com  Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com