Monday, May 23, 2022

Cyber Security Today: Jan. 25, 2019 – Unpatched software on your PC, angry ex-employee and another misconfigured server

A lot of people have unpatched software on your PC, an angry ex-employee hurts his former company and another misconfigured server with sensitive data found on the Internet.

Welcome to Cyber Security Today. It’s Friday January 25th.  To hear the podcast click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Are you worried about the security of your computer? Apparently, not enough. Just over half of the software on personal computers is out of date, if a report out this week from anti-virus software maker Avast is accurate. The company looked at data of what’s on the computers of its users and found a long list of software without the latest patches. The top five are Adobe Shockwave, the VLC Media Player, Skype, Java and the 7-Zip Filemanager. Others regularly not up to date are Foxit Reader, WinZip, iTunes, a media player called DivXPlus and the Mozilla Firefox browser. And, attention those of you on Windows 10: Nine per cent of you don’t have the latest security updates. Some of these applications may not be notifying users of updates. Some people may be ignoring updates. Some users may have installed software to try long ago and have forgotten about them. Go through your computer and check every piece of software. Do you use it? If not, delete it. For the rest, go to the manufacturer’s web site and make sure you’re on the latest version. Old software can easily be used by hackers to get into your system.

There’s a link to the full report here.

While I’m on the subject of updates, if you use an Apple device this week the company issued updates for devices that use the iOS and Mac operating systems. Make sure they’ve been installed.

When employees leave a company it’s vital an IT administrator make sure all of the password access they had is revoked. A company that makes the WPML plug-in for the WordPress content management system forgot about that and was embarrassed this month when an angry former employee used an old password and a backdoor he’d created to hack into the system. Then he used the company email to send a message to customers saying the product had a security problem. The company has now improved its internal security.

Finally, another company has been caught storing thousands of documents with sensitive personal, loan and mortgage information of Americans on an open Internet-connected server. Security researcher Bob Diachenko and news site TechCrunch found the files, which were held by a Texas data processing company. Ironically, the documents were originally on paper, which is pretty safe. But they’d been converted to digital files and then put on an unsecured server. The loans and mortgages had originally been made at a number of financial institutions, then apparently were sold to another financial firm. That company blamed the mistake on a server configuration error.

UPDATE: Diachenko found a second exposed server with the original, and easier to read, documents.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast