September 12, 2023
Good morning, everyone!
This week’s critical vulnerabilities:
Patch All the Things!
Windows 7: Achilles Heel
Short version: Any PC running Windows 7 should not be exposed to the Internet. Period. Get rid of it or put it behind a secure network segmentation.
The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC ... used to run software for one of the company's manufacturing machines.
Addendum: Anything that is no longer supported by the manufacturer should be replaced (or at least blocked from Internet access) -- operating systems, firmware, applications, devices, anything. If this truly isn't possible, the security implications should be carefully considered. Without manufacturer support, you cannot get security updates. Exposing an unsupported device or application to the Internet is just asking to be compromised.
Have a great week!
Security Awareness Training Available Here, There, Everywhere!
Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.
Contact me to schedule your employee training sessions. They're fun! ☺