July Patch Tuesday: Check Your Pulse

How much did that sandwich really cost you?

On July 4, payment kiosk vendor Avanti Markets, which installs self-service payment devices in corporate break rooms across America, suffered an embarrassing security breach.

According to investigator Brian Krebs, who first reported the news, the company's systems were infected by malware that stole customer data including names, e-mail addresses, credit card accounts and biometric data.

Robert Brown, Director of Services said, “Attacks like this are evidence of the diversity used by attackers to collect both company and personal data. Any device with an operating system and software needs to be updated for compliance. Devices with outdated software or missing operating system updates are much easier to exploit, and in this case has the potential to expose millions of personal details including credit card information.”

The company admitted the breach and is informing people that their data was exposed:

“On July 4, 2017, we discovered a sophisticated malware attack which affected kiosks at some Avanti Markets. Based on our investigation thus far, it appears the attackers utilized the malware to gain unauthorized access to customer personal information from some kiosks. Because not all of our kiosks are configured or used the same way, personal information on some kiosks may have been adversely affected, while other kiosks may not have been affected.”

Source: Avanti

Mind the Gap!

Since the outbreak of WannaCry, NotPetya and other threats this year, have you wondered where the gaps in your security are? It may surprise you to learn this, but most IT professionals have an outdated view of their own security.

Many believe they will never be targeted, and that is a big problem. This leads to a lack of planning when they are exposed, and most likely leads to an extended loss of data or worse – paying the ransom, and possibly paying it with their jobs.

Simple steps can be implemented to protect your environment. It may also surprise you that attacks are currently exploiting vulnerabilities that the vendor remediated years and years ago. How can this be? Once again, IT professionals do not believe these old vulnerabilities will be used.

Industry experts believe that simply deploying your oldest missing updates can reduce your risk of exposure by 20 – 30%, which is staggering.

Robert Brown, Director of Services said:

“Our customers must know what operating system updates are missing and what software needs to be updated. Syxsense can help you to proactively identify the highest severity missing updates for both Microsoft, Linux along with third-party software. It’s simple to schedule with no visible end user disruption and easy to safeguard your environment. Don’t think you are secure, know you are secure.”

The human factor impacting IT Security

Employees hide IT security incidents in 40% of businesses, according to a new report from Kaspersky Lab and B2B International, “Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within.” With 46% of IT security incidents caused by employees each year, this business vulnerability must be addressed on many levels, not just through the IT security department.

Uninformed or careless employees are one of the most likely causes of a cybersecurity incident — second only to malware. While malware is becoming more sophisticated, the reality is that the human factor can pose an even greater danger. In particular, employee carelessness is one of the biggest chinks in corporate cybersecurity armor when it comes to targeted attacks, the IT security product firm says.

While advanced hackers might always use custom-made malware and hi-tech techniques to plan a heist, they will likely start with exploiting the easiest entry point – human nature.

Microsoft Updates

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are rated High, those in the range 4.0-6.9 Medium, and those in the range 0-3.9 Low.

| CVE ID | Vulnerability Alert | CVSS Base Score | Recommended |
|---|---|---|---|
| CVE-2017-8584 | Microsoft Windows Hololens Arbitrary Code Execution Vulnerability | 10 | YES |
| CVE-2017-8589 | Microsoft Windows Search Arbitrary Code Execution Vulnerability | 10 | YES |
| CVE-2017-8588 | Microsoft Windows WordPad Arbitrary Code Execution Vulnerability | 9.6 | YES |
| CVE-2017-8590 | Microsoft Windows Common Log File System Privilege Escalation Vulnerability | 9.3 | YES |
| CVE-2017-0243 | Microsoft Office Remote Code Execution Vulnerability | 7.8 | YES |
| CVE-2017-8501 | Microsoft Office Memory Corruption Vulnerability | 7.8 | YES |
| CVE-2017-8502 | Microsoft Office Memory Corruption Vulnerability | 7.8 | YES |
| CVE-2017-8570 | Microsoft Office Arbitrary Code Execution Vulnerability | 7.8 | YES |

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser.