NetStandard’s Security Minute Series
An interesting thought I read in a book the other day: “You win more by not being stupid, than you do from being smart.” This is very applicable to cyber security. Cyber criminals are most often looking for the easy targets, the ones doing even basic stuff wrong. For the vast majority of businesses, security doesn’t require you to worry about the super-sophisticated nation-state attackers (though those are what get all the headlines!) – As small businesses, we win at security most often when we take care of things the way we’re supposed to.
- “Security begins with operational excellence.”
Reminder that Microsoft will begin Enforcement Mode on the Zerologon patch that was released in August. As of the upcoming February 9, 2021 Security Update, all non-compliant Netlogon connections will be blocked.
Last week, Intel announced that they are adding hardware-based ransomware protection directly into the processor. More details have now been released. Personally, I’m still skeptical, but hopefully I’ll be proven wrong.
Wi-Fi 6E is here. Like Wi-Fi 6, it’s about capacity rather than speed – handling high-density situations better. It also includes new 6Ghz spectrum for the first time. The first devices just appeared at CES. For those of you that live in an apartment building or condo, or for those of you in high-density or congested areas, it’s something to keep an eye on as the devices mature.
On another note…
- Dnsmasq, a popular DNS forwarder used in many *NIX-based devices including routers and access points, is susceptible to cache poisoning via seven new vulnerabilities referred to as DNSpooq
- Full technical write-up, including a list of known vulnerable devices
- The full SolarWinds attack chain includes up to 4 new malware strains