Skip to main content
Monthly Archives

March 2018

||

[Infographic] IoT Report: March 2018

By Patch Management

It’s Time to Prepare for the IoT

The Internet of Things (IoT) is growing at a breathtaking pace. It is comprised of billions of devices—from tiny chips to mammoth machines—that use wireless technology to speak to each other (and to us)

Most IoT smart devices aren’t in your home or phone—they are in businesses. With over 20 billion IoT devices anticipated by 2020, the security risks are about to increase significantly and an IoT-based attack could be devastating for companies worldwide.

Syxsense is the first IT management solution that can discover IoT devices and start you on the road to managing. Later this year, we will be rolling out software update management and other features that will secure your IoT devices.

As the first quarter of 2018 wraps up, explore the state of the Internet of Things and where the future is heading. Click on the infographic below to save and reference for later.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

Third-Party Patch Update: March 2018

By News

Will the IoT bankrupt your business?

Research on the Internet of Things is not painting a pretty picture. According to research firm Gartner, approximately 20% of organizations have experienced at least one IoT attack in the past three years. There’s also a report from BullGuard showing that 37% of those surveyed had no idea how to protect IoT devices.

The biggest conclusion from this research: businesses are going to spend a lot trying to prevent IoT-based attacks. Gartner’s forecast conservatively estimates that IoT security spending will reach $1.5 billion this year, but will explode to $3.1 billion by 2021.

Compliance is expected to be the primary cost-increasing factor.

It’s believed more regulations will be created, causing more work for IT managers. With the proliferation of IoT devices, reporting for compliance may become nearly impossible.

However, Syxsense has an answer. Our Device Discovery feature can already detect the IoT devices within your environments. And with our comprehensive reporting, you can generate easy to understand reports for any compliance need.

Be prepared for the IoT and start a trial of Syxsense today!

Third-Party Patch Updates

Below is a table of third-party updates from March 2018:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

AIR: v29.0.0.112 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html

 

Flash Player: v29.0.0.113 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html

 

Shockwave Player: v12.3.2.202 – https://helpx.adobe.com/shockwave/release-note/release-notes-shockwave-12.html

 

N/A
Don Ho  

Notepad: v7.5.6 – https://notepad-plus-plus.org/news/notepad-7.5.6-released.html

 

N/A
Evernote Corporation  

Evernote: v6.10.3.6921 – https://evernote.com/download

 

N/A
FileZilla FTP Solution v3.31 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: v65.0.3325.184 – https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os_23.html

 

N/A
 

Irfan Skiljan

 

IrfanView: v4.51 – https://www.irfanview.com/main_history.htm
 

Malwarebytes

 

Antivirus  

Malwarebytes: v3.4.4.2398 – https://www.malwarebytes.com/support/releasehistory/

 

Mozilla Brower and Email Client  

Firefox: 59.0.2 – https://www.mozilla.org/en-US/firefox/59.0.2/releasenotes/

 

Thunderbird: 52.7.0 – https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/

 

N/A
 

The Document Foundation

 

LibreOffice: v6.0.2 – https://www.libreoffice.org/download/release-notes/
 

 

VSRevoGroup

 

RevoUninstallerFree: v2.0.5 – https://www.revouninstaller.com/revo_uninstaller_full_version_history.html

 

RevoUninstallerPro: v3.2.1 – https://www.revouninstaller.com/revo_uninstaller_pro_full_version_history.html

 

 

WinSCP

 

WinSCP: v5.13 – https://winscp.net/eng/docs/history
Wireshark Network Protocol Analyzer  

2.4.5 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html

 

N/A
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

IoT Report: Q1 2018

By News

What do the numbers tell us?

As far back as 2006, there were already 2 billion devices within the Internet of things. By 2016, that number had grown to 6.38 billion.

Now it’s estimated that there are currently over 8.4 billion devices, with that number expected to grow to 11.19 billion by the end of 2018. According to Gartner, by 2020 the number of IoT devices will explode to over 20 billion.

Juniper Research estimates that by 2022 businesses will spend $134 billion annually on cybersecurity for just IoT devices.

How much does a cyberattack cost business?

Looking at a common attack vector, a DDoS attack, The Ponemon Institute estimates that a company will lose approximately $1.7 million. The major expense is in the form of lost services, $517,599. Other costs come in at $414,128 for technical support, $229,071 for lost productivity, $346,062 for disruption of normal operations, and $199,201 for damage/theft of IT assets.

It’s also estimated that businesses are hit with an average of eight DDoS attacks a day, all thanks to the exponentially increasing number of unsecured IoT devices.

So what’s so difficult about IoT device management?

“It’s hard to evaluate the security of a camera, or a doorbell, or something you put in an industrial machine.” 

Michael Kaiser, the executive director of the National Cybersecurity Alliance

Why should we care?

Here’s the bottom line: the IoT is here and will benefit everyone. Lives will be made easier. Processes will be more efficient. New frontiers will be discovered in healthcare, manufacturing, and almost every aspect of our lives.

While IoT devices are thought of as objects like Apple Watches, Amazon Alexa’s, or other home-based smart devices, they are actually more widely spread in business environments. According to a report by Intel and their partners, most IoT devices are in factories, businesses, and health care environments. They estimate a massive 90.6% of IoT devices are business related.

Intel believes by 2025, the total global worth of IoT technology could be as much as USD 6.2 trillion.

It’s time to prepare for the IoT. Syxsense is the first IT management solution that can discover IoT devices and start you on the road to managing. Later this year, we will be rolling out software update management and other features that will secure your IoT devices.

Learn more about the state of your IoT devices and start a trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|

Introducing: Application Packaging Services

By Video

Speak to an Application Packaging Specialist

Experience simplified application packaging.

With our Application Packaging Service, all packages are completed in our packaging lab by a dedicated team of experienced engineers, tested for conflicts, quality and delivery, then transferred to you for implementation in your environment.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||||||

RDP Flaw: Every Windows Version Affected

By News

CredSSP Flaw in RDP

Credential Security Support Provider protocol (CredSSP), a Windows protocol that interacts with features like RDP, has a critical vulnerability. The danger here is that malicious entities could manipulate RDP to gain access to user’s devices and environments, stealing sensitive and valuable data.

This previously unknown remote code execution vulnerability was reported to Microsoft in August last year, but the tech giant issued a fix for the protocol just now as part of its Patch Tuesday release—that’s almost after 7 months of reporting.

Since RDP is a feature within Windows, and one of the most popular application to perform remote access, everyone is exposed to this security threat. Literally every version of Windows, at the time of this article, contains this flaw.

Microsoft has released updates that target this issue. Even if you aren’t using RDP regularly, deploying this patch to your windows devices is critical. Because researchers believe this exploit may evolve into new ways to attack your environment, it’s also important to track the activity of remote login sessions.

Syxsense provides both predictive patch management and detailed security reports.

Protect your devices from this major RDP flaw by starting a free trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|

Critical Flash Update: Patch Now

By News

Is this the end of Flash?

Adobe has acknowledged that all versions of Flash before 28.0.0.161 contain a critical vulnerability. This vulnerability allows “arbitrary code execution in the context of the current user.”

This sort of Remote Code Execution (RCE) flaw is used to force malware onto devices. You have two options: update Flash or remove it entirely.

Updating Flash will protect your devices, but Adobe has already declared they will be ending Flash support in 2020. Browsers like Chrome, Edge & Safari have already started blocking Flash with other browsers soon to follow suit. Why not jump ahead of the curve and remove the software entirely? Flash has proven to be not worth the trouble.

Whichever path you choose, Syxsense is the solution you need.

Our comprehensive patch library and predictive device discovery make the work of deploying Flash updates simple. In just a few clicks, you’ll have located every device running Flash, know which versions are on them, and deploy updates to the devices that need it.

If you want to remove Flash, our software distribution feature has an uninstall option. Again, an easy to follow wizard will help you select every device with Flash and roll it back.

The end of Flash is near. See how Syxsense will make this transition easy and start a trial today.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

March Patch Tuesday: Is the IoT Spying on You?

By News, Patch Tuesday

Are you ready for IoT Patching?

Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.

Flaws range from the use of an insecure HTTP communications protocol to weak credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network. The most serious flaws opens an attack vector where an adversary can root the camera and spoof the DNS server addresses specified in the camera’s settings, which could then be used as a launch pad to conduct additional attacks on devices sharing the same local network.

“The problem with current IoT device security is that everyone thinks there is no need to secure IoT devices such as security cameras, secure door locks because they are not traditionally used as access points for breaching company networks. You need to know which IoT devices you have in your network, so you need to start with a security toolset which can tell you (full article here).”

Malware found at 160 Applebee’s Restaurants across North America

RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its point of sale systems (POS). The malware may have enabled hackers to steal certain guests’ names, credit or debit card numbers, expiration dates and card verification codes processed during limited time periods. Upon learning of a potential incident,

RMH told Threatpost it promptly launched an investigation, obtained the help of leading cyber security forensics firms, and reported the matter to law enforcement. RMH said it operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants. In a statement, RMH urged customers to monitor their bankcard statements (full article here).

Robert Brown, Director of Services for Verismic said, “Most viruses and malware exploit environments which do not implement a robust patching process rather than a lack of virus protection. It is always easier to prevent an attack than to clean up after a serious outbreak.”

Alexa, what’s so funny?

Amazon acknowledged on Wednesday that some of its Alexa-enabled devices have developed a new skill: creeping out their owners with unexpected and unwarranted bursts of robotic laughter.

“We’re aware of this and working to fix it,” Amazon said.

People began reporting the problem with their “smart” speakers on social media in recent weeks. After the publication of this article, Amazon announced a fix and apparent explanation for the ghostly laughter. The company suggested in an email that the laughs had occurred “in rare circumstances” because the speaker was picking up a “false positive” for the command “Alexa, laugh.”

Find out how many of these devices you have in your network by starting a trial of Syxsense.

[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

Microsoft addressed 74 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, Microsoft Exchange, Microsoft Office, and Microsoft ASP.NET. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”23833″ img_size=”full” alignment=”center”]
CVE ID Alert Description CVSS Score Recommended
CVE-2018-0808 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0875 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0889 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0891 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 7.5 Yes
CVE-2018-0903 Microsoft Access Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0935 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0868 Microsoft Windows Installer Privilege Escalation Vulnerability 7.4 Yes
CVE-2018-0888 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0886 Microsoft Windows Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0815 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0816 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0817 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0877 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0880 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0881 Microsoft Windows Video Control Privilege Escalation Vulnerability 7 Yes
CVE-2018-0882 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0977 Microsoft Windows Win32k Privilege Escalation Vulnerability 7 Yes
CVE-2018-0983 Microsoft Windows Storage Services Privilege Escalation Vulnerability 7 Yes
CVE-2018-0885 Microsoft Windows Hyper-V Denial of Service Vulnerability 5.8
CVE-2018-0811 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0813 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0814 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0919 Microsoft Office Information Disclosure Vulnerability 5.5
CVE-2018-0926 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0787 Microsoft ASP.NET Core Privilege Escalation Vulnerability 5.4
CVE-2018-0909 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0910 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0911 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0912 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0913 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0914 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0915 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0916 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0917 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0921 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0923 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0940 Microsoft Exchange Security Bypass Vulnerability 5.4
CVE-2018-0944 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0947 Microsoft SharePoint Privilege Escalation Vulnerability 5.4
CVE-2018-0884 Microsoft Windows Security Feature Bypass Vulnerability 5.3
CVE-2018-0902 Microsoft Windows Kernel Driver Security Feature Bypass Vulnerability 5.3
CVE-2018-0883 Microsoft Windows Shell Arbitrary Code Execution Vulnerability 5
CVE-2018-0894 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0895 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0896 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0897 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0898 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0899 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0900 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0901 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0904 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0907 Microsoft Office Excel Security Bypass Vulnerability 4.4
CVE-2018-0879 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0927 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0929 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0932 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0939 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0941 Microsoft Exchange Information Disclosure Vulnerability 4.3
CVE-2018-0872 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0873 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0874 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0876 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0893 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0922 Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0925 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0930 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0931 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0933 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0934 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0936 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0937 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0878 Microsoft Windows Remote Assistance Information Disclosure Vulnerability 3.1
CVE-2018-0924 Microsoft Exchange Information Disclosure Vulnerability 3.1
CVE-2018-0942 Microsoft Internet Explorer Security Bypass Vulnerability 3
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo