Ocean’s IoT: Casino Hacked Through Fish Tank

Casino Infiltrated through Internet-Connected Fish Tank Thermometer Picture this: Jazzy music underscores George Clooney’s Danny Ocean pulling off another daring heist. He’s gathered his crew and it’s go time. Their entry point? A fish tank in the lobby. Okay, maybe that’s not the best physical access point, but it is how hackers stole data from…

Could Your IoT Devices be Hacked with a Google Search?

Most Companies Are Unprepared for the IoT Researchers at Ben-Gurion University warn that hackers have an unexpected resource in exploiting your environment: a Google search. IoT device manufactures set a default password for their devices, sometimes even sharing passwords between brands. “It only took 30 minutes to find passwords for most of the devices [used…

April Patch Tuesday: Don’t Get Burned Twice

Manage Your Vulnerabilities As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management…

WSUS Forces Upgrades

Strike Three for WSUS

Microsoft Ignores Deferral Settings, Forces Win10 Updates For the third time in the last few months, Microsoft pushed updates to Win10 machines that had deferral preferences set. Windows 10 versions 1507, 1511, 1607, and 1703 have been affected and pushed to 1709, whether a user wanted it or not. Microsoft’s response to this invasive error?…

Syxsense Achieves High Marks from Users

Users Love Ease of Use, Powerful Features and Reliable Support G2 Crowd recently released their Spring 2018 Reports. Syxsense was included in four unique lists, highlighting ease of product use and customer satisfaction: Grid® Report for Enterprise IT Management Suites, Usability Index for Enterprise IT Management Suites, Implementation Index for Enterprise IT Management Suites, and…

Meltdown Patch Burns Windows 7 Users

Total Meltdown Sometimes software updates cause more issues than they fix. Microsoft have made a major error in protecting Windows from Meltdown. Thanks to researcher Ulf Frisk, we are now aware that the January Patch Tuesday update has created new issues. The patches that were supposed to protect from Meltdown instead opened up a vulnerability…

Third-Party Patch Update: March 2018

Will the IoT bankrupt your business? Research on the Internet of Things is not painting a pretty picture. According to research firm Gartner, approximately 20% of organizations have experienced at least one IoT attack in the past three years. There’s also a report from BullGuard showing that 37% of those surveyed had no idea how…

IoT Report: Q1 2018

What do the numbers tell us? As far back as 2006, there were already 2 billion devices within the Internet of things. By 2016, that number had grown to 6.38 billion. Now it’s estimated that there are currently over 8.4 billion devices, with that number expected to grow to 11.19 billion by the end of…

RDP Flaw: Every Windows Version Affected

CredSSP Flaw in RDP Credential Security Support Provider protocol (CredSSP), a Windows protocol that interacts with features like RDP, has a critical vulnerability. The danger here is that malicious entities could manipulate RDP to gain access to user’s devices and environments, stealing sensitive and valuable data. This previously unknown remote code execution vulnerability was reported…

Critical Flash Update: Patch Now

Is this the end of Flash? Adobe has acknowledged that all versions of Flash before 28.0.0.161 contain a critical vulnerability. This vulnerability allows “arbitrary code execution in the context of the current user.” This sort of Remote Code Execution (RCE) flaw is used to force malware onto devices. You have two options: update Flash or remove…