Internet of Things!
Five years ago, we thought that more users, more data, more devices, and more clouds were creating a perfect security storm of threats and vulnerabilities. The many predictions that came true were only the leading indicators of a much bigger problem, the acceleration of “more.” Gartner predicts there will be up to 6.8 billion devices in use in 2016, a massive 30% increase over last year. That is a lot of devices to support, maintain and protect. Securing devices connected to the network should be a top concern moving forward.
https://www.gartner.com/newsroom/id/3165317
Microsoft Patches Browsers
On Tuesday, December 29, Microsoft released an out-of-cycle patch for 19 security issues in Flash that affect the company’s browsers. One of the flaws was being actively exploited. Updates are available for both Internet Explorer and Edge. Flash Player is a major security concern. Your IT team should focus on keeping it up to date on all machines. According to Microsoft and the Secret Service, Flash Player exploits account for 20% of all infections.
https://support.microsoft.com/en-us/kb/3132372
TLS
Staring January 1, 2016, websites needing TLS certificates will be able to obtain only SHA-2 signed certificates. Some users could face problems because older versions of browsers do not support SHA-2. The decision to stop issuing SHA-1 signed certificates was made because the algorithm was found to be insecure. This past year, the maximum term of validity for a TLS certificate was reduced from 60 months to 39 months.
https://www.eweek.com/security/ca-council-to-improve-internet-certificate-security-in-2016.html
https://www.clearnetwork.com/network-monitoring-news-dec-2016/
And so on