More and more Macs are cropping up in enterprise IT environments. Studies have shown as much as 94.7% growth in the “very large business” category. It’s no secret that Apple has been on a tear in the consumer markets, and the enterprise market is not far behind.
In 1983 Hollywood unleashed a movie called War Games that showed what a determined hacker could do if they (even accidentally) attained privileges to a military computer. The movie got good reviews and even raised an eyebrow or two on the possibilities of misuse of privilege on specific information technology, but eventually, like most tinsel town products, was retreaded into a sequel 2008 called War Games: The Dead Code which failed miserably.
|Exploit Impact:||Elevation of Privilege
Third-party client side exploits continue to be a favored attack vector especially in widely deployed tools like Adobe Reader and Internet browsers. Recent studies show that third-party programs are responsible for 69% of the vulnerabilities on a typical endpoint.
According to a recent CNET News article, the hacker known as Comodohacker is now threatening to exploit Microsoft’s Windows Update service. This comes on the heels of Microsoft’s misstep of inadvertently offering an early look at the latest Patch Tuesday updates for 15 vulnerabilities in Windows, Office and Server products.
It seems as if every business and IT executive that I talk to lately literally has their “head in the clouds.” Every conversation about current or impending strategies for information assets almost universally contains some mention of a public, private or hybrid cloud deployment. A more interesting observation of these conversations is that the lure of liberating ourselves from the burden of managing applications and data shouldn’t mean we stop having high expectations about how those applications and data are managed.
We may be all created equal, but some identities are worth more than others. I’m not just talking about Mark Zuckerberg or Bill Gates being worth more than the average Mark or Bill working across the hall from you. It turns out that identity thieves target patient health information more than standard social security identities for good reason.
|Exploit Impact:||Information Disclosure
|Exploit Availability:||Publicly Available|
With mobile devices and smart phones representing 40% of all mobile phones in the US, consumerization continues to blur the corporate boundary as employees expect and require consistent access to corporate services from wherever they are, on any device they’re using—desktops, laptops, tablets and smart phones.
Our friends and colleagues at the Linux Foundation have been hit by a “brute force attack” and many of their sites have been taken down until the security breach is fully controlled.