Good morning,
I just wanted to continue with the way we have been running the class. Post the slide before class; try the night before, but missed that goal this week. I really liked what I read on the community site, I use almost all the post from the site this week. I have also looked at the quizzes from last week. I’ll talk about that tonight.
The put the quiz for tonight to start about the end of class at it will be out there till the night before the next time we meet or one week out based on what the schedule brings.
This weeks slides: Week 6
In the News:
- Article: Domain Theft Strands Thousands of Web Sites
- Three domains belonging to Newtek Business Services Corp. [NASDAQ:NEWT]
- February Updates from Adobe, Microsoft
-
Windows (SMB) could let attackers crash Windows 8.1, and Windows 10 systems, as well as server equivalents of those platforms.
-
- New EU Privacy Law May Weaken Security
- The European Union’s General Data Protection Regulation (GDPR)
February Updates from Adobe, Microsoft
Microsoft delayed the release of its monthly update citing issues in the patches. While readers have inquired about the delay when Adobe has released patches for Flash Player, it is still not known why the patches have been delayed when there is a zero-day vulnerability in Windows going around. The company says that it will release it next month as part of the regular update. As per the statement issued by CERT Coordination Center at Carnegie Mellon University, ‘unpatched bug in a core file-sharing component of Windows (SMB) could let attackers crash Windows 8.1, and Windows 10 systems, as well as server equivalents of those platforms’.
CERT has already issued a warning that the exploit code for the bug is already available on the internet and this could cause serious consequences if not dealt at the right time.
New EU Privacy Law May Weaken Security
The new European Privacy Law, which goes into effect in 3 months, is worrying many organizations because it would make it more difficult to track down cybercriminals. Organizations also may not be in a position to give out the data about new internet threats. The General Data Protection Regulation (GDPR) comes into effect from 25th May, 2018. The law basically requires all technology companies to share any information they collect about the public within the European Union for consent. Companies that fail to adhere to this new policy could face fine up to 4% from their annual revenues.
In order to streamline this process, the Internet Corporation for Assigned Names and Numbers has planned to propose the amount of data website name registrars could collect. As per the rules laid out by the IANN, ‘domain name registrars should collect and display a variety of data points when someone performs a WHOIS lookup on a given domain, such as the registrant’s name, address, email address and phone number’.
The biggest challenge now is that the WHOIS records of customers who have purchased domains is being abused badly and the information is used by scammers, stalkers, and spammers to cause trouble to them. It is said that much of the registrar market is a race to the bottom, and the ability of ICANN to police the contractual relationships in that market effectively has not been well-demonstrated over time. What is interesting is to see how this unfolds and will IANN be able to enact its new proposal before the official law is brought into place. Nevertheless, this will impact businesses and surely create some resentment from the corporate bodies too.
https://www.techradar.com/news/no-new-security-updates-for-windows-7-users-without-up-to-date-antivirus
No new security updates for Windows 7 users without up-to-date antivirus
Microsoft recently announced that the latest security updates would only be for those who are running latest security software, causing a shock to many of its existing customers. Microsoft rolled out the new patches for the Spectre and Meltdown vulnerabilities in Windows 7 and 8.1. However, the patches would only be for those customers who are running compatible security software. For those customers who were not using the right security software, the antivirus programs installed in their computers caused the systems to crash.
To make a workaround to this problem, Microsoft suspended the security updates and informed the antivirus vendors to insert a registry key that would make the antivirus compatible to the new set of security updates.