Why Small Organizations Need Vulnerability Management

Computer with hard to read code, stressing the need for vulnerability management.

The US Cyber Security Agency (CISA) recently released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Microsoft Windows and Windows Remote Desktop Protocol (RDP). Vulnerability management can help organizations get a handle on such vulnerabilities.

Consequently, Microsoft released fixes for 50 security vulnerabilities in the Windows operating system, creating yet another scramble by IT professionals to patch their computer systems.

Part of what Microsoft fixed in the updates released was what is regarded as a major crypto-spoofing bug that affected Windows 10 users.

A key point is to realize that this particular vulnerability could allow a cyber criminal or hacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an application was from a trusted source.

Keep in mind that in technology terms, spoofing is defined as a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.

To put it another way, when this vulnerability is exploited and code-signing certificates are spoofed, the operating system will find it difficult to tell the difference between malware and Microsoft software. (more…)

Share

Comments Off on Why Small Organizations Need Vulnerability Management

Prevent Downtime, Keep Cyber Thieves At Bay, and Prepare For Disaster

How Organizations Can Prevent Downtime And Ensure That Even If Cyber Thieves Keep A-Knockin’, They Can’t Come In

Image of icons of security shield, bug prevention, and secure laptop

Small businesses and organizations in Round Rock, Texas and surrounding cities can prevent downtime, keep cyber thieves at bay, and prepare for disaster by implementing simple backup and disaster recovery strategies.

A study presented at the International Conference on Dependable Systems and Networks showed that small-business networks are attacked every 39 seconds by some type of hacker or malicious software. Thankfully, having the proper firewall and office network security tools can prevent even the most determined cyber hacker from getting his hands on your network. Are your systems covered?

Does your organization have someone looking after the network who knows what they’re doing? Or is the IT position assigned to the so-called “Accidental IT Person” – an ad hoc position taken on by whoever knows the most about computers? The danger  of not being able to prevent downtime here is that if this person has a full-time job, perhaps as the office manager, or graphic designer, they won’t necessarily be keeping everything locked down and updated.

A good way to prevent downtime is to have a dedicated IT person on staff, or outsource the task to a local computer service company. By leveraging an IT services provider, you will have access to a team of qualified experts. (more…)

Share

Comments Off on Prevent Downtime, Keep Cyber Thieves At Bay, and Prepare For Disaster

The DigiNotar Breach: Another Exposure of Negligence

In case you have not heard, another SSL Certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently and from the preliminary report coming from the company that did an audit, it looks pretty bad.

Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindoswUpdate, WordPress’ MI6, the CIA, Facebook and Twitter. (more…)

Share

1 Comment

How To Fix Windows Update Error 0x80070424

When you run the Windows Update service, you may sometimes discover that you are not able to install any windows updates or even use the windows update website. Instead, you get a message like:

The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem

Then there is an error code 0x80070424. It could also show up as error 80070424.

This could be a symptom of one or more of the following problems: (more…)

Share

Comments Off on How To Fix Windows Update Error 0x80070424

How to Fix Windows 7 update error code 8007000D

Recently, I have been having all kinds of problems with Windows update, especially after the release of Windows 7 SP1. One of the frustrating things about Windows errors is the silly “Get help with this error” message that tells you absolutely nothing about how to fix the errors. Rants aside, here’s how to fix one of those cryptic errors, specifically error code 8007000D also represented by its hex variant 0x8007000D. (more…)

Share

1 Comment

How To Fix Error 80072EFD On Small Business Server 2008

For several months, I had a client with a Small Business Server 2008 that just would not update. It worked for a while and just suddenly quit after a round of updates through automatic update. No matter what I tried from confirming network connectivity, checking firewall settings, adding and re-adding the update sites to firewall exceptions, disabling anti-virus applications and software accelerators to spending long hours reading Technet articles and suggested fixes from Microsoft, and a thorough step-by-step  here, the problem would not go away and kept giving “Windows can’t connect to update…”  error 80072efd. (more…)

Share

14 Comments