Friday, September 15, 2017

When the clouds prevent you from seeing the sun

At the end of the 80's a TV serie was broadcasted that despite not belonging to that generation is familiar to many of our Spanish-speaking readers. From that series comes an expression up: "Living in the worlds of Yupi," which has come to us today as a popular culture phrase. Its meaning is similar to "being in the clouds." This saying refers to someone who lives away from reality in a fantasy world in which everything is positive and problems have no place.

As the population has easier access to technological devices, the complexity of the attacks grows, and new forms of aggression emerge every day. All of us (or almost all) have access to devices or programs which we are barely conscious of being assaulted daily. In "The best of the Week" we want to make a kind of information scanning of all those attacks that occur around while we live in "the worlds of Yupi".

Earlier this week, there was a kernel bug that affected Windows versions released more than a decade and a half ago. This error was caused by a programming error that affected the Windows 10 version as well as older versions of the operating system. The bug remains unresolved today and a patch is expected to be released soon.

Android users should also keep an eye out. We started the week with another "infectious" new update. In case of having a previous version to Oreo´s one probably you are in danger. This bug creates fake screens on the terminal hiding the user what is really happening in the background. The company recommends downloading applications exclusively from Google Play until the patch to fix the problem is released.

A little bit more secure are those who use the FreeXL open source library. It was discovered that some functions of the library were being affected. The criminals came to the user through an Excel specially designed to be opened through an application that Liberia FreeXL uses. Users can now breathe easy as this bug was solved by releasing a patch that solved all this mess.

Alarming was to hear about this other news: something at first sight as harmless as Bluetooth is also being used by criminals to extract information. Most troubling is that these attacks could be received without even clicking or downloading a file, no interaction is required. The only requirement to be attacked is to have Bluetooth enabled on the terminal, which unfortunately is enabled by default on many devices. The way to stop these attacks has not yet been found, so for the moment the only way to be held is to turn the Bluetooth connection off if it is not being used.

Even in its decline Flash is in the spotlight. Flash death is an imminent event but still has dark eyes on it. In midweek we discovered that two critical problems had been found in Adobe Flash Player. These errors gave access to remote code execution. The last update of the program solved these problems, and so it will be until the end of the days of Flash.

From CIGTR we don´t want to spoil the party but it is always time to be aware of the dangers that are preying day by day. Knowledge is power, and it is also an infinite source of security which enables us to know that a simple update or deactivation of a resource can save ourselves a great deal of upheaval and bother. And now, after visiting the dark side, returning to our "fantasy world" is possible, as long as we try to be informed.


Post a Comment