Security Roundup: NSA Unearths Huge Windows Bugs & Cybersecurity's Worst Kept Secret

7 minute read
Share this:
By TJ Lundeen
Sales & Marketing Specialist

The new year is just over a fortnight old. That’s plenty of time for an excess of cybersecurity issues to hit the news wire, including a major issue with Windows 10 and Server 2016 that was so severe it was found by the National Security Agency (NSA).

Multiple vulnerabilities found in Microsoft Remote Desktop Protocol (RDP)

Buried a bit behind the news of the NSA’s findings to Microsoft on issues with Windows 10 and Server 2016 were a handful of vulnerabilities that, in short, are a big deal.

Many organizations use Microsoft RDP to gain remote access into network computers, allowing individuals to work securely from any location. However, vulnerabilities in the RDP system have made things so easy for attackers that a bad egg could gain access to networks using RDP without even having to provide a login.

Imagine, someone, rooting around in your remote computer or network without so much as stealing your login credentials to gain access.

“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” said the Microsoft Security Response Center.

These vulnerabilities have the potential to have a long “shelf” life due mostly to the slow nature of patch installs on servers.

IoT is Cybersecurity’s Worst Kept Secret

The explosion of the Internet of Things (IoT) devices over the past decade has created mountains of data that have the potential to drive profitability.

According to HelpNet, market-leading IoT cybersecurity solutions are driving visibility and are helping create a new type of device “registry” which has information like operating system specifics, application versions, and vulnerability remediation from the life of a device. This information can also be used to repair or replace devices before an outage causes downtime or lost revenue.

Taking data from workflows and utilization recorded by IoT devices allow enterprises to stay ahead of potential issues to maintain operational systems.

How HR Teams Can Help Mitigate Cybersecurity Challenges

Data breaches have taken cybersecurity from an IT-focused issue to a full-business issue that crosses the lines of departments. No longer is it just an IT problem to face these issues.

In fact, good cybersecurity measures begin with HR.

Your human resources department gets the first crack at getting to know a new employee once they’re adding to your staff. Yes, you interviewed them and may have approved the hire, but your HR staff may have scheduled interviews, corresponded via email or phone, and will be a key cog in the onboarding process. That department will know well before you will if your new hire is a noob or has the chops to follow your cybersecurity procedures.

HR professionals can help to identify employees with bad security habits and help to mitigate potential issues with additional training.


900 million

The number of users estimated to have been affected by the “extraordinarily serious” security flaws discovered in Windows 10 this week. And that’s not even counting the more than 200 million users still using Windows 7 and Windows 8, which could be vulnerable to all sorts of additional issues.

Source: Forbes.com

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram