The year 2016 will be remembered as the best year for ransomware and cyberattacks. Hackers have used Advanced Persistent Threats (APTs), ransomware, targeted phishing attacks and social engineering to extort sensitive information. According to reports, there have been around 500 data breaches this year alone, exposing more than 500 million records. Some of the major data breaches are MySpace (427 million records leaked), Dropbox (data of 68 million users breached) and LinkedIn (117 million user emails and password details hacked). Whether in the healthcare, financial or government sector, each industry has seen data breaches that exposed a lack of cybersecurity and risk management among businesses and organizations. No company or individual has been spared, whether a small target or a big one.
Vulnerabilities are growing each year, and a major concern for cybersecurity is the ever-increasing complexity of patching systems and applications. "Patch management" is critical to every company, as it can mitigate more than 80% of cyber threats. Companies generally rely on a set of applications to keep their business functioning: applications for accessing email, browsing the internet, playing video, listening to audio or music, mathematical calculations, simulations and so on. Employees depend on these applications to keep the business running. More often than not, however, employees forget that these applications do and will have vulnerabilities, which leave companies more exposed to cybercriminals. Some applications pose greater risks than others, and unless the systems running them are locked down significantly, the best alternative is to blacklist or remove these applications completely.
A few such applications are:
1. Apple QuickTime for Windows
Apple Inc. has decided to discontinue this application for Windows this year. The app is no longer being updated, so its existing security flaws and any newly discovered vulnerabilities are unlikely to be fixed. Unless you want a hacker to exploit the application and take full control of your computer, you need to blacklist it immediately and remove it from all your systems.
2. Adobe Flash Player
Cybercriminals have been exploiting Flash Player for many years, and it has a very poor record for security and vulnerabilities, with more than 100 CVEs (Common Vulnerabilities and Exposures) published in the past 4 years. Once breached, the application allows hackers to listen to your conversations and use your web camera. It is suggested that you blacklist this app; however, in case you need to keep using it, make sure you have the latest versions of web browsers on your system.
3. Old Versions of Oracle Java
Java is updated frequently, with regular patches to keep it safe and secure. Many browsers today refuse to run older versions of Java, which helps limit the exposure. However, if you have old and highly vulnerable versions of Java installed on your system, you need to blacklist and remove them completely.
4. Microsoft Office 2007
Again, with the constant updates and new versions provided by Microsoft, it is highly unlikely that you still use Office 2007. Note that extended support for Microsoft Office 2007 officially ends in October 2017, and mainstream support already ended in 2012. That means there will be no further security updates, which will leave your system vulnerable to exploits and cyberattacks. If you are using Microsoft Office 2007, it is recommended that you upgrade to the latest version.
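
To act on the list above you first need to know where these applications are installed. The following is an added example, not part of the original article: it checks a software inventory export against the four entries. The CSV layout, the name patterns, the sample rows and the `java_floor` threshold are assumptions made for illustration.

```python
import csv
import io
import re

# Constructed sample export (host,name,version); not data from the article.
# Name patterns and the Java floor below are assumptions; tune them to your estate.
SAMPLE_INVENTORY = """\
host,name,version
ws-01,QuickTime 7,7.79.80.95
ws-01,Java 8 Update 111,8.0.1110.14
ws-02,Adobe Flash Player 23 NPAPI,23.0.0.207
ws-02,Java(TM) 6 Update 45,6.0.450
ws-03,Microsoft Office Professional Plus 2007,12.0.6612.1000
ws-03,Microsoft Office Professional Plus 2016,16.0.4266.1001
ws-04,7-Zip 16.04,16.04
"""

def parse_version(text):
    """Turn '8.0.1110.14' into (8, 0, 1110, 14) so versions compare numerically."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def classify(name, version, java_floor):
    """Return (action, reason) for an application on the list, else None."""
    ver = parse_version(version)
    if re.match(r"QuickTime\b", name, re.I):
        return ("remove", "QuickTime for Windows is discontinued")
    if re.match(r"Adobe Flash Player\b", name, re.I):
        return ("remove", "Flash Player: blacklist unless strictly required")
    # "Old" Java means anything below the floor the caller chooses.
    if re.match(r"Java(\(TM\))? \d", name, re.I) and ver < java_floor:
        return ("remove", "Java older than the configured floor")
    # Office 2007 reports major version 12.
    if re.match(r"Microsoft Office\b", name, re.I) and ver[:1] == (12,):
        return ("upgrade", "Office 2007: extended support ends October 2017")
    return None

def audit(csv_text, java_floor=(8, 0, 1110)):
    """Return findings as (host, name, version, action, reason) tuples."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        verdict = classify(row["name"], row["version"], java_floor)
        if verdict:
            findings.append((row["host"], row["name"], row["version"], *verdict))
    return findings

if __name__ == "__main__":
    for host, name, version, action, reason in audit(SAMPLE_INVENTORY):
        print(f"{host}: {action.upper():7} {name} {version} ({reason})")
```

Versions are compared as integer tuples rather than strings, so a build such as `8.0.1110` is not mistaken for being older than `8.0.450`.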