Week in review: How is your Meltdown/Spectre action plan progressing?

When it comes to security, small businesses need all the help they can get – and the government made an effort to give them a bit. But with surveys confirming time and again that most small businesses are protecting themselves by the seats of their pants, will things ever change?

Internet of Things (IoT) security has been equally hopeless, although Netgear took a small step in the right direction by offering a router update that protects home networks using IoT security technology from Bitdefender.

The move was part of a growing tide of sentiment that IoT security is fixable, with one pundit arguing the issue is “solvable” even as IoT-based smart-city investments create new urgency around the issue.

Vendors have to be careful, however, that patch-based security functions as intended: Meltdown patches for some AMD-based PCs meant that some PCs refused to boot, with Microsoft warning that incompatible antivirus will also cause problems with the Meltdown fix.

Experiencing problems with the Meltdown fix is likely to be an issue for every CSO, but that doesn’t mean you can avoid it; every business needs a Meltdown and Spectre action plan.

Also working on its action plan was Ubuntu, which revisited its patch after the first version bricked many Linux distributions.

While you’re busy upgrading, you’ll want to consider upgrading your encryption protocol to TLS 1.3.

Also upgrading encryption was Skype which, reports suggested, is tapping into Whisper’s Signal encryption protocol to protect calls and chats.

And, finally, there were revelations that an Oracle WebLogic exploit was helping hackers to seize control of victims’ servers in order to mine Monero cryptocurrency.

Tags MicrosoftbitdefenderBitcoinInternet of Things (IoT)cryptocurrency

Show Comments