Hacking team hack continues to hack us off
As we mentioned last week, the zero day vulnerability researcher and vendor Hacking Team (to governments and law enforcement agencies mostly), were themselves hacked and a good chunk of their warez published in public.
Astonishingly, it appears that the hack was facilitated through busting very weak passwords on the HT infrastructure. Really? Must try harder, take an F.
The upshot of Hacking Team secrets being pasted to the Internet is that bad people have been able to quickly implement some of the zero days for their own nefarious purposes.
You don’t have to be a card carrying genius to work out who had the biggest holes – wait forit….Yes Microsoft and Adobe. The publication of the zero days has led to a flurry of patching and it is imperative that you:
- Update Flash to Version 188.8.131.52
- Implement Microsoft’s patches from Tuesday 14 July 2015
- Watch out for critical patches from your other vendors
As well as fixing two of the Hacking Team issues, this months Microsoft patching round fixesno fewer than 57 other bugs, many of them pretty serious.
On the subject of Microsoft, it removed XP support for the Malicious Software Removal Tool yesterday, Bastille Day, so if you have been procrastinating and find yourself with just one or two (million) XP machines, get rid of them, or pay the price.
ITC’s NetSure360° managed security platform includes technology that can quickly and efficiently identify machines connected to your network and assess them for their compliance with your policies, for instance are they running up to date anti virus or are they running XP? Are they even running the correct version of Adobe?
We can report on machines that do not meet the required standards and automatically relocate them to a locked down part of the network for remediation or ban them for life, faster than you can say “Izzy Whizzy let’s get busy”. Magic stuff.
If you would like to know more about any of the grim facts in this blog, or how we can help you manage your environment automatically, contact us at: email@example.com or call: 02075173900