10Fold – Security Never Sleeps – 131

Beyond the CES Hype: No Easy Fixes for Security and Privacy Woes

“No ease for privacy concerns at tech conference”

Despite all the fancy new technology products showcased at the CES conference there was little reassurance of the security of currently existing ones. Experts have reached near consensus that software vulnerabilities in many internet connected consumer devices can be relatively easy to exploit by hackers due to weak security features.

Dangerous assumptions that put enterprises at risk

“Internet providers do not cover preventative measures as expected”

Kaspersky Lab surveys have found that nearly 40 percent of tech companies do not put adequate security measures in place due to the belief that internet service providers will pick up the slack on features that block hackers and cyber thieves. Consumers seem to be in the same boat, with about one-in-three believing their ISP data centers provide adequate protections.

Edge Exploits Added to Sundown EK

“Security holes apparently exploitable by remote hackers”

Those responsible for maintaining the Sundown exploit kit have begun using Microsoft Edge security flaws as a Proof of Concept exploit. The CVE-2016-7200 and CVE-2016-7201 flaws, patched by Microsoft in November of 2016, are described as memory holes that that are corrupted by the way Chakra JavaScript handles code.

Leave a Reply

Your email address will not be published.