443-992-7394

Baltimore Tech News: Third Major IT Security Flaw Discovered This Year

According to the Chinese zodiac were in the year of the Horse, but IT professionals are starting to see it as the year of the bug. With Heartbleed and Shellshock IT security has had a tough enough time keeping up with emerging security threats, but now there’s a new bug on the horizon: Poodle. Working nets is here with the details on this new IT security threat and what you can do to combat it and keep your Baltimore business safe.

So What is Poodle?

Poodle, an acronym which stands for Padding Oracle On Downloaded Legacy Encryption, was discovered, like the Heartbleed and Shellshock vulnerabilities, in a 15 year old technology: SSL 3.0, which stands for Secure Socket Layer 3.0, is a technology that is widely used today to encrypt a user’s browsing session, particularly if they are using a public network or device. The Poodle vulnerability presents the potential for hackers to observe and even hijack a browsing session, taking control of somone’s online banking, email, or social networking accounts. Three IT security researchers at Google announced the discovery of the Poodle vulnerability last month.

How Dangerous Is Poodle?

In response to the announcement the OpenSSL Project,  developers of the most used SSL applications, advised makers of web-browsers to disable support for SSL 3.0. IT security experts seem to agree that Poodle is much less of a threat than Heartbleed or Shellshock, in large part because SSL has been largely superseded by a newer security protocol called TLS. Additionally to pull off an attack the victim must be actively browsing on the same network at the same time as an attacker, giving Poodle a much smaller window of vulnerability.

How Can I Stay Safe?

To be safe, make sure your browser is up to date and not using SSL 3.0. If this is impossible, stay away from using a public network, or network that unfamiliar users can log on to, while conducting secure transactions, managing sensitive emails, or other information that you wouldn’t want others seeing. To make sure your Baltimore company’s sensitive data is being protected, consider outsourcing your IT security to a dedicated professional.

Working Nets

Staying on top of everything can be a hassle, especially if you’re already running your own Baltimore business. Outsourcing your IT can give you peace of mind and allow you to take care of the things that are important for your company.

To talk to someone about managed IT for your small Baltimore business, give us a call at (443) 992-7394. We’d be happy to assist you with your professional business networking needs.

You can also visit WorkingNets.com and follow us on Facebook, Twitter, LinkedIn and Google+

New “Shellshock” Bug Could be More Dangerous than Heartbleed

For the most part, Mac users are safe from viruses and other computer related issues. Hackers have a harder time causing problems for Apple products than they do for PCs. The Heartbleed Bug from a few months ago that caused problems for Internet Explorer users was only a small problem compared to this new bug that is affecting Mac users around the world. This is one of the few instances where Mac OS X as well as Linux have been targeted and a severe problem has arisen as a result. The bug, called “Shellshock” could cause problems for up to 5 million Mac and Linux users.

What’s so Dangerous about Shellshock?

The biggest problem with Shellshock right now is that there’s no easy way for an average user to solve the problem.  System administrators and software companies are the ones that will need to deal with patch issues. Casual computer users are going to have a harder time ensuring their own safety on the net at the moment.

All Mac OS X Machines and most Linux machines use a software program called “Bash” to essentially decode information to make it possible for operating systems to understand information. Your operating system isn’t the only thing that uses Bash, though. It’s used for many different reasons by various applications, which makes computers that are affected incredibly vulnerable. There are already at least 500,000 devices that have been affected, but experts estimate that nearly 5 million could be affected.

What Can You Do to Protect Yourself from Shellshock?

  • Deploy the patch – There is already a patch out to help keep your device safe. Though the patch isn’t completely finished yet, it will protect your device for the time being. If you have outsourced your IT, your IT experts should have already deployed this patch for all Mac and Linux users.
  • Be aware – The best thing that you can do to stay protected is to stay on top of information and keep your system updated. Anytime the option to update your system is available, make sure that you do so. Each update is released for a reason and some are specifically for security reasons.
  • Outsource your IT – Staying on top of everything can be a hassle, especially if you’re already running your own business. Outsourcing your IT can give you peace of mind and allow you to take care of the things that are important for your company.

To talk to someone about managed IT for your small business, give us a call at (443) 992-7394. We’d be happy to assist you with your professional business networking needs.

You can also visit WorkingNets.com and follow us on Facebook, Twitter, LinkedIn and Google+

Source: BBC