Networking Monitoring News – June 2016

Network Segmentation

As we build out our networks, we should start thinking about how to properly segment users and assets. Segmenting networks has been best practice for a long time now, but is rarely implemented. With the new normal of malware, we can greatly reduce our attack surface by limiting exposure to our critical systems. This also allows us to focus monitoring efforts where they will be most effective.

Flat networks are simple and have little management overhead, but this comes at a cost. Flat networks offer little protection as well.

Lenovo

The Lenovo Accelerator Application software package which is meant to speed up the launch of some Lenovo applications, has been found to be vulnerable to a man in the middle attack. The vulnerability lies within the “update mechanism where a Lenovo server is queried to identify if application updates are available.” Lenovo recommends removing this software immediately.

The full list of machines that are impacted is vast but include Lenovo Notebook 305, Edge 15, Flex2 Pro and Yoga product lines. Additionally, IdeaCenter and Yoga Home 500 are amongst the 39 desktop models impacted.

A full list of machines can be found here:

Lenovo Support

Microsoft

A Microsoft Windows zero-day exploit has hit the market with a $90,000 price tag. This unpatched vulnerability is being sold with claims that it works against all versions of Windows from Windows 2000 to the current Windows 10 OS. The purchase gets you all the source code and two proof of concept videos that show the exploit working. There is big money in malware, from finding the exploits on down to using them. Let ContentCatcher NSM help protect your network.