Monday, October 16, 2017

Tech Security Black Monday

It's not a good day for IT security. Two vulnerabilities were announced today, one affecting WiFi for almost everyone, and another that affects public key encryption.

Those who know me are aware that I often relate to most conversations about IT security as alarmist, and often find measures taken in Enterprise security to be self-defeating.

But this time, it's different.

This time the scope of these vulnerabilities is so widespread that many are calling this Black Monday.

The vulnerability in the WiFi security protocol WPA2 affects nearly all vendors, devices, and especially public WiFi.

This security PSA from WordFence describes the issue in more detail.

The quick synopsis of their recommendation. Patch your devices this week when the updates become available. Update your phone, your tablet, and your laptops.

And if you operate a WiFi router (most everyone does, in their home), pay attention this week to find out how to apply the update.

In the meantime, be thoughtful this week about where you use sensitive information that exposes your bank accounts and personal identifiable information.