Newsletter

Networking Monitoring News – June 2016

Network Segmentation

As we build out our networks, we should start thinking about how to properly segment users and assets. Segmenting networks has been best practice for a long time now, but is rarely implemented. With the new normal of malware, we can greatly reduce our attack surface by limiting exposure to our critical systems. This also allows us to focus monitoring efforts where they will be most effective.

Flat networks are simple and have little management overhead, but this comes at a cost. Flat networks offer little protection as well.

Lenovo

The Lenovo Accelerator Application software package which is meant to speed up the launch of some Lenovo applications, has been found to be vulnerable to a man in the middle attack. The vulnerability lies within the “update mechanism where a Lenovo server is queried to identify if application updates are available.” Lenovo recommends removing this software immediately.

The full list of machines that are impacted is vast but include Lenovo Notebook 305, Edge 15, Flex2 Pro and Yoga product lines. Additionally, IdeaCenter and Yoga Home 500 are amongst the 39 desktop models impacted.

A full list of machines can be found here:

Lenovo Support

Microsoft

A Microsoft Windows zero-day exploit has hit the market with a $90,000 price tag. This unpatched vulnerability is being sold with claims that it works against all versions of Windows from Windows 2000 to the current Windows 10 OS. The purchase gets you all the source code and two proof of concept videos that show the exploit working. There is big money in malware, from finding the exploits on down to using them. Let ContentCatcher NSM help protect your network.

Ron Samson

Share
Published by
Ron Samson

Recent Posts

Huntress vs Blackpoint

Compare Huntress vs Blackpoint MDR for MSPs: coverage, SOC response authority, alert quality, integrations, and…

9 minutes ago

Huntress vs CrowdStrike

Choose Huntress or CrowdStrike by operating model, not hype: compare managed EDR, Falcon platform depth,…

57 years ago

SOC vs MDR

Reduce risk without overloading IT: compare SOC monitoring, alert triage, threat hunting, and MDR response…

24 hours ago

How Much Does a SOC Cost?

Compare SOC costs from $60K SOCaaS to $5M+ internal 24x7 teams, with hidden staffing, tooling,…

2 days ago

NIST 800-171 for Manufacturers

Protect CUI and win defense contracts with practical NIST 800-171 steps for manufacturers, from scoping…

2 days ago

CMMC Services for Manufacturers

Secure DoD contracts with CMMC support for manufacturers: map CUI, close NIST 800-171 gaps, monitor…

3 days ago