Currently, reports are accumulating about insecure processors that have been used for years. The two attack scenarios, Meltdown and Spectre exploit these vulnerabilities. Especially explosive: Every operating system on which more than one user is working is affected. Thus the “unprivileged user” is able to read each memory area of the RAM, as long as he can run the software at the system. An attacker can do this by placing malicious code on a website called from a web browser.
How massive the scale really is becomes clear when you realize that the vulnerability “Meltdown” affects every Intel-CPU since the Pentium II in 1997. Furthermore, “Spectre” affects ARM and AMD microprocessors. with similar influence to PCs, laptops, tablets, servers and smartphones. By taking advantage of these gaps, hackers are able to avoid barriers between user program and RAM to extract sensitive data such as passwords.
Cloud solutions are also affected: Office 360 or AWS data can be read by unauthorized users, as they usually are not encrypted in RAM. As long as Microsoft, Amazon and IBM have not patched and restarted their entire clouds, cloud applications should not be used for confidential information.
Greenbone‘s solution is protected
The Greenbone Security Manager is not affected by these vulnerabilities! Our authorization concept and system hardening does not allow users to exploit the proof-of-concept gap. In addition, since JAN 5th 2018 the security feed of our solution identifies unpatched systems and supports the user to quickly recognize and remediate the vulnerabilities.
https://www.greenbone.net/wp-content/uploads/01_Logo-mit-Schriftzug_500px_on_white_horiz1.jpg00Lukas Grunwaldhttps://www.greenbone.net/wp-content/uploads/01_Logo-mit-Schriftzug_500px_on_white_horiz1.jpgLukas Grunwald2018-01-08 12:47:042018-01-25 14:06:34Being among the most widespread and biggest security gaps in IT history:
31 million users of Ai.type entrusted their personal data to the app provider. It turned out to be a bad idea. A huge security leak handed user data – i.e. names, email addresses, IMEI and phone numbers, as well as contacts directories – to hackers, spammers and cyber criminals on a silver platter.
You can only shake your head when you read news like the data leak from the app Ai.type. The developer simply forgot to secure a MongoDB database that was 577 GB in size and thus threw the gates wide open for information thieves. Admittedly, everybody knows that mistakes can happen. The more serious element is the second failure: It seems the app provider had not implemented any security measures or test mechanisms to detect vulnerabilities like that – before they can be exploited by attackers.
However, preventive security tools have long been part of standard security strategies to secure the IT network. This also includes a comprehensive vulnerability management tool that continuously checks the IT infrastructure, detects and reports vulnerabilities to those who are in charge of. This way, an open database like the one in Ai.type would have been noticed very fast. Let’s hope that other providers deal with sensitive customer data in a much more responsible way. From next May onwards at the latest, there will be even more reasons to do so as the GDPR will come into force and costly penalties can be imposed.
https://www.greenbone.net/wp-content/uploads/01_Logo-mit-Schriftzug_500px_on_white_horiz1.jpg00Lukas Grunwaldhttps://www.greenbone.net/wp-content/uploads/01_Logo-mit-Schriftzug_500px_on_white_horiz1.jpgLukas Grunwald2017-12-18 11:31:212017-12-18 11:31:21Please help yourself: When app providers leave the door open for attackers
The Adobe Patch Day in August must have caused quite a stir in IT departments: 80 vulnerabilities were detected in Adobe flashplayer, Adobe acrobat and reader, as well as in the experience manager, 46 of which were deemed critical. This very clearly shows that the sporadic closure of vulnerabilities does not meet the standards of current strict data protection laws.
Not being able to trace whether the update was installed on all network devices poses yet another risk. The only guaranteed way to know is to continuously run automated and complete scans throughout your network with vulnerability management software. Daily updates contain vulnerability tests to find running threats and security gaps. Take a look at the current situation here.
Beware of legacy technology
Many believe Flash is dead. That is true and false at the same time. Contrary to all predictions, Flash and other technologies are still being used. And that is why it is important to know where in your own network they can cause harm and create a risk. An automated scan helps you find out and ultimately gives you more security.
https://www.greenbone.net/wp-content/uploads/mind-the-gap-1876790_1920.jpg14341920Dirk Schraderhttps://www.greenbone.net/wp-content/uploads/01_Logo-mit-Schriftzug_500px_on_white_horiz1.jpgDirk Schrader2017-09-01 16:30:342017-09-01 16:32:45A risky business: only closing vulnerabilities on Patch Tuesday
Being among the most widespread and biggest security gaps in IT history:
/in Blog /by Lukas GrunwaldSpectre and Meltdown cause trouble worldwide
Currently, reports are accumulating about insecure processors that have been used for years. The two attack scenarios, Meltdown and Spectre exploit these vulnerabilities. Especially explosive: Every operating system on which more than one user is working is affected. Thus the “unprivileged user” is able to read each memory area of the RAM, as long as he can run the software at the system. An attacker can do this by placing malicious code on a website called from a web browser.
How massive the scale really is becomes clear when you realize that the vulnerability “Meltdown” affects every Intel-CPU since the Pentium II in 1997. Furthermore, “Spectre” affects ARM and AMD microprocessors. with similar influence to PCs, laptops, tablets, servers and smartphones. By taking advantage of these gaps, hackers are able to avoid barriers between user program and RAM to extract sensitive data such as passwords.
Cloud solutions are also affected: Office 360 or AWS data can be read by unauthorized users, as they usually are not encrypted in RAM. As long as Microsoft, Amazon and IBM have not patched and restarted their entire clouds, cloud applications should not be used for confidential information.
Greenbone‘s solution is protected
The Greenbone Security Manager is not affected by these vulnerabilities! Our authorization concept and system hardening does not allow users to exploit the proof-of-concept gap. In addition, since JAN 5th 2018 the security feed of our solution identifies unpatched systems and supports the user to quickly recognize and remediate the vulnerabilities.
Please help yourself: When app providers leave the door open for attackers
/in Blog /by Lukas Grunwald31 million users of Ai.type entrusted their personal data to the app provider. It turned out to be a bad idea. A huge security leak handed user data – i.e. names, email addresses, IMEI and phone numbers, as well as contacts directories – to hackers, spammers and cyber criminals on a silver platter.
You can only shake your head when you read news like the data leak from the app Ai.type. The developer simply forgot to secure a MongoDB database that was 577 GB in size and thus threw the gates wide open for information thieves. Admittedly, everybody knows that mistakes can happen. The more serious element is the second failure: It seems the app provider had not implemented any security measures or test mechanisms to detect vulnerabilities like that – before they can be exploited by attackers.
However, preventive security tools have long been part of standard security strategies to secure the IT network. This also includes a comprehensive vulnerability management tool that continuously checks the IT infrastructure, detects and reports vulnerabilities to those who are in charge of. This way, an open database like the one in Ai.type would have been noticed very fast. Let’s hope that other providers deal with sensitive customer data in a much more responsible way. From next May onwards at the latest, there will be even more reasons to do so as the GDPR will come into force and costly penalties can be imposed.
A risky business: only closing vulnerabilities on Patch Tuesday
/in Blog, News /by Dirk SchraderThe Adobe Patch Day in August must have caused quite a stir in IT departments: 80 vulnerabilities were detected in Adobe flashplayer, Adobe acrobat and reader, as well as in the experience manager, 46 of which were deemed critical. This very clearly shows that the sporadic closure of vulnerabilities does not meet the standards of current strict data protection laws.
Not being able to trace whether the update was installed on all network devices poses yet another risk. The only guaranteed way to know is to continuously run automated and complete scans throughout your network with vulnerability management software. Daily updates contain vulnerability tests to find running threats and security gaps. Take a look at the current situation here.
Beware of legacy technology
Many believe Flash is dead. That is true and false at the same time. Contrary to all predictions, Flash and other technologies are still being used. And that is why it is important to know where in your own network they can cause harm and create a risk. An automated scan helps you find out and ultimately gives you more security.