Connect with us

Hi, what are you looking for?

Tech & Science

Zero-day software issues are growing in number and seriousness (Includes interview)

Photo: © AFP
Photo: © AFP

In addition, the company said it’s “imperative” that organizations using its Email Security hardware appliances, virtual appliances, or software installations on Microsoft Windows Server machines immediately upgrade to a patched version.

Details about the nature of the vulnerability have not been made public to prevent other threat actors from studying it and launching their own attacks.

Looking at this issue for Digital Journal is Troy Gill, Threat Hunter and Security Research Manager at Zix I AppRiver.

Troy Gill places the latest incident in the context of other major security breaches. Here he notes: “The SonicWall hack is just one the latest in a string of zero-day vulnerabilities targeting email security solutions.”

A zero-day refers to a computer-software vulnerability which is unknown to those who should be interested in its mitigation. This often applies to newly released software. The danger is that until the vulnerability is mitigated, hackers can exploit it to adversely affect programs, data, additional computers or a network.

Gill continues: “For customers and others impacted by any zero-day vulnerabilities, it is imperative that security teams not only complete the necessary solution patching, but that they also conduct a security audit in order to identify, isolate, and mitigate any additional threats.”

Gill outlines some of the things that can be done. Recommendations include: “Changing admin rights and user passwords, and implementing multi-factor authentication should also be built into organizations’ best practices and incident response recovery plans.”

Looping back to the incident at hand, Gill states: “The SonicWall attack is also a proof point for organizations still using legacy, on-premise solutions or applications that have reached end-of-life to consider migrating to newer, more secure solutions in the cloud with auto patching capabilities.”

Gill ends by suggesting: “A final best practice would be the implementation of a backup solution so in the event of a compromise, you can still access your business critical data.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Immigration is a symptom of a much deeper worldwide problem.

Business

Saudi Aramco President & CEO Amin Nasser speaks during the CERAWeek oil summit in Houston, Texas - Copyright AFP Mark FelixPointing to the still...

Business

A recent article in the Wall Street Journal infers that some workers might be falling out of the job market altogether.

World

The security situation in Port-au-Prince has had a direct impact on Haitians.