Cyber Security Today: Samsung patches, cloud security still wanting and a warning on shadow IT

Samsung pushes out patches to handsets, update your Signal messaging software, cloud security still wanting and a warning on shadow IT

We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday, May 16th. To hear the podcast, click play below:

 

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

Last week I told you about bug fixes announced by Android as part of its May security bulletin. Well, over the weekend Samsung began releasing fixes for 27 vulnerabilities. Twenty-one of those are labeled as high severity. Handsets affected are the S9, Note 8 and S8 phones. Make sure you get them installed.

Those of you who use the desktop version of the Signal Messaging App should apply the latest patch. It fixes a bug in the Windows and Linux versions that could allow an attacker to get at messages. Meanwhile, a security researcher warns of a potential problem with the macOS version. Apparently it doesn’t totally delete messages.

According to a new report from cloud security vendor RedLock, there’s good news-bad news on the cyber security front. The good news is more organizations are implementing best practices to avert cloud account compromises. The bad news is staff are still doing stupid things, like putting sensitive company information on Web sites like the GibHub online developers forum. They also click on attachments that allow cryptomining software to be installed, slowing down everyone’s computer. There are a number of things the cyber security team should be doing. These include mandating two-factor authentication for those who need administrative access, and more closely monitoring outbound network traffic. RedLock also reminds administrators that patching PCs and servers is vital.

There are shadows lurking in every organization. Not areas without light, but so-called shadow IT – people who bring their own laptops, cellphones, tablets and sometimes WiFi routers and connect them to the corporate network. And their owners like using them for connecting to risky places infected with malware like social media sites, unofficial app stores and illegal movie sites. With that malware, hackers can jump from the personal device to the company network. According to a report released this week by Infoblox, 82 per cent of organizations surveyed have security policies detailing proper online behavior to deal with this threat. But a good chunk of employees admit they don’t know if their company has a cyber security policy. Many admit they don’t follow it. So Infoblox advises companies to deploy security software that restricts staff from going to certain Web sites. As for what you can do, check with your IT leader about what the company expects from you.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast