SECURITY
How to Perform an IT Cyber Security Risk Assessment: Step-by-Step Guide
A cybersecurity rik assessment is regarding understanding, managing, dominant, and mitigating cyber risk across your organization. It’s an important part of any organization’s risk management strategy and knowledge protection efforts. Risk assessments are nothing new and whether or not you wish it or not, if you’re employed in data security, you’re within the risk management business. As organizations believe in additional data technology and knowledge systems to try to do business, the inherent risks concerning increase, risks that did not exist previously. The National Institute of Standards and Technology (NIST) has developed a Cybersecurity Framework to produce a base for best apply.
What is cyber risk?
Risk is that the probability of reputational or loss and might be live from zero, low, medium, to high. The 3 factors that feed into a risk vulnerability assessment are:
What is the threat?
Risk is that the probability of reputational or loss and maybe live from zero, low, medium, to high. The 3 factors that feed into a risk vulnerability assessment are:
- What is the threat?
- How vulnerable is that the system?
- What is the reputational or money injury if broken or created unavailable?
This gives us an of cyber risk as Cyber risk = Threat x Vulnerability x info worth
Imagine you were to assess the chance related to a cyber-attack compromising a specific software system. This software system contains a celebrated backdoor in version 1.7 of its software package that’s simply exploitable via physical suggests and stores the info of high worth thereon. If your workplace has no physical security, your risk would be high.
However, if you have got smart IT employees who will determine vulnerabilities and that update the OS to version 1.8, your vulnerability is low, albeit the knowledge worth continues to be high as a result of the backdoor was patched in version one.8.
A few things to stay in mind is there are only a few things with zero risk to a business method or system, and risk implies uncertainty. If one thing is bound to happen, it is not a risk. It’s a part of general business operations.
What is a cyber risk assessment?
Cyber risk assessments are defined by NIST as risk assessments are used to identify, estimate, and prioritize risk to organizational operations, organizational assets, individuals, other organizations, and the Nation, resulting from the operation and use of information systems.
The primary purpose of a cyber risk assessment is to assist inform decision-makers and support correct risk responses. They conjointly offer a govt outline to assist executives and administrators build au courant choices concerning security. The knowledge security risk assessment method thinks about with respondent the subsequent questions:
- What are our organization’s most important information technology assets?
- What data breach would have a major impact on our business whether from malware, cyber attack, or human error? Think customer information.
- What are the relevant threats and the threat sources to our organization?
- What are the internal and external vulnerabilities?
- What is the impact of those vulnerabilities are exploited?
- What is the likelihood of exploitation?
- What cyber attacks, cyber threats, or security incidents could impact affect the ability of the business to function?
- What is the level of risk my organization is comfortable taking?
If you’ll be able to answer those queries, you may be able to build a determination of what to safeguard. This implies you’ll be able to develop IT security controls and knowledge security methods to mitigate risk. Before you’ll be able to do this tho’, you would like to answer the subsequent questions:
- What is the risk I am reducing?
- Is this the highest priority security risk?
- Am I reducing the risk in the most cost-effective way?
This will help you understand the information value of the data you are trying to protect and allow you to better understand your information risk management process in the scope of protecting business needs.
Why perform a cyber risk assessment?
There are a variety of reasons you would like to perform a cyber risk assessment and a couple of reasons you wish to. Let’s rehearse them:
Reduction of long-run costs: Characteristic potential threats and vulnerabilities, then engaged in mitigating them has the potential to forestall or scale back security incidents that save your organization cash and/or reputational injury within the long-run
Provides a cybersecurity risk assessment model for future assessments: Cyber risk assessments are not one in all processes, you would like to repeatedly update them, doing an honest initial flip can guarantee repeatable processes even with workers turnover
Better structure knowledge: Knowing structure vulnerabilities provides you a transparent plan of wherever your organization must improve
Avoid information breaches: Information breaches will have an enormous monetary and reputational impact on any organization
Avoid restrictive issues: Client information that’s purloined as a result of you did not go with HIPAA, PCI DSS, or APRA cycles/second 234
Avoid application downtime: Internal or client-facing systems ought to be out there and functioning for employees and customers to try and do their jobs
Data loss: larceny of trade secrets, code, or alternative key data assets may mean you lose business to competitors
Beyond that, cyber risk assessments are integral to data risk management and any organization’s wider risk management strategy.
Who should perform a cyber risk assessment?
Ideally, your organization has personnel in-house who will handle it. This implies having IT employees with an understanding of however your digital and network infrastructure work, in addition to executives who perceive however info flows and any proprietary structure information which will be helpful throughout assessment. Structure transparency is essential to an intensive cyber risk assessment.
Small businesses might not have the correct individuals in-house to try and do an intensive job and can get to source assessment to a third-party. Organizations also are turning to cybersecurity software package to observe their cybersecurity score, stop breaches, send security questionnaires and scale back third-party risk.
How to perform a cyber risk assessment
We’ll begin with a high-level summary and drill down into every step within the next sections. Before you are doing something to start out assessing and mitigating risk, you wish to grasp what knowledge you have got, what infrastructure you have got, and also the worth of the information you’re attempting to guard. You will need to start out by auditing your knowledge to answer the subsequent questions:
- What information will we collect?
- How and wherever are we tend to store this data?
- How will we shield and document the data?
- How long will we keep data?
- Who has access internally and outwardly to the data?
Is the place we tend to area unit storing the info properly secured? Several breaches come back from poorly designed S3 buckets, check your S3 permissions or somebody else can.
Next, you will need to outline the parameters of your assessment. Here area unit some smart primer inquiries to get you started:
- What is the aim of the assessment?
- What is the scope of the assessment?
- Are there any priorities or constraints I ought to remember that might have an effect on the assessment?
- Who do i would like access to within the organization to induce all the knowledge I need?
- What risk model will the organization use for risk analysis?
A lot of those queries are obvious. What you actually wish to grasp is what you will be analyzing, who has the experience needed to properly assess, and are there any regulative needs or budget constraints you wish to bear in mind.
Now let’s consider what steps ought to be taken to complete a radical cyber risk assessment, providing you with a risk assessment guide.
Step 1: Determine information value
Most organizations do not have an infinite take into account data risk management thus it is best to limit your scope to the foremost business-critical assets. To save lots of time and cash later, pay it slow shaping a typical for deciding the vital of associate plus. Most organizations embrace plus price, legal standing, and business importance. Once the quality is formally incorporated into the organization’s data risk management policy, use it to classify every plus as important, major, or minor.
There are several queries you’ll be able to raise to work out value:
Is there money or legal penalties related to exposing or losing this information?
- How valuable is that this data to a competitor?
- Could we have a tendency to recreate this data from scratch? however long would it not take and what would be the associated costs?
- Would losing this data have control on revenue or profitability?
- Would lose this information impact everyday business operations? may our workers work while not it?
- What would be the reputational harm of this information being leaked?
Step 2: Identify and prioritize assets
The first step is to spot assets to judge and verify the scope of the assessment. This can permit you to prioritize those assets to assess. You will not wish to perform an assessment on each building, employee, electronic knowledge, secret, vehicle, and piece of workplace instrumentality. Remember, not all assets have an equivalent worth.
You need to figure with business users and management to make a listing of all valuable assets. for every plus, gather the subsequent data wherever applicable:
- Software
- Hardware
- Data
- Interface
- End-users
- Support personal
- Purpose
- Criticality
- Functional needs
- IT security policies
- IT security design
- Network topology
- Information storage protection
- Information flow
- Technical security controls
- Physical security controls
- Environmental security
Step 3: Identify cyber threats
A cyber threat is any vulnerability that might be exploited to breach security to cause damage or steal information from your organization. Whereas hackers, malware, and different IT security risks leap to mind, there are several different threats:
Natural disasters: Floods, hurricanes, earthquakes, lightning, and fireplace will destroy the maximum amount of any cyber wrongdoer. You’ll not solely lose knowledge however servers too. Once deciding between on-premise and cloud-based servers, place confidence in the possibility of natural disasters.
System failure: Are your most crucial systems running on high-quality equipment? Do they need sensible support?
Human error: Are your S3 buckets holding sensitive data correctly configured? Will your organization have proper education around malware, phishing, and social engineering? Anyone will accidentally click a malware link or enter their credentials into a phishing scam. You wish to own sturdy IT security controls together with regular knowledge backups, positive identification managers, etc.
Adversarial threats: Third-party vendors, insiders, trustworthy insiders, privileged insiders, established hacker collectives, accidental teams, company spying, suppliers, nation-states
Some common threats that have an effect on each organization include:
Unauthorized access: Each from attackers, malware, worker error
Misuse of data by approved users: Generally associate degree business executive threat wherever data is altered, deleted, or used while not approval
Data leaks: In-person identifiable info (PII) and different sensitive information, by attackers or via poor configuration of cloud services
Loss of information: Organization loses or accidentally deleted data as a part of poor backup or replication
Service disruption: Loss of revenue or reputational injury thanks to the time period
After you’ve got known the threats facing your organization, you will need to assess their impact.
Step 4: Identify vulnerabilities
Now it is time to maneuver from what “could” happen to what includes a probability of happening. A vulnerability may be a weakness that a threat will exploit to breach security, hurt your organization, or steal sensitive knowledge. Vulnerabilities are found through vulnerability analysis, audit reports, the National Institute for Standards and Technology (NIST) vulnerability info, merchant knowledge, incident response groups, and software package security analysis.
You can cut back structure software-based vulnerabilities with correct patch management via automatic forced updates. However do not forget physical vulnerabilities, the possibility of somebody gaining access to an organization’s automatic data processing system is reduced by having card access.
Step 5: Analyze controls and implement new controls
Analyze controls that are in situ to reduce or eliminate the likelihood of a threat or vulnerability. Controls will be enforced through technical suggests that, like hardware or software package, encryption, intrusion detection mechanisms, two-factor authentication, automatic updates, continuous information leak detection, or through untechnical suggests that like security policies and physical mechanisms like locks or card access.
Controls ought to be classified as preventative or detective controls. Preventative controls decide to stop attacks like encoding, antivirus, or continuous security observation, detective controls a discovery once an attack has occurred like continuous knowledge exposure detection.
Step 6: Calculate the likelihood and impact of various scenarios on a per-year basis
Now you recognize the knowledge worth, threats, vulnerabilities, and controls, the consequent step is to spot however possible these cyber risks are to occur and their impact if they happen. It is not simply whether or not you may face one in all these events at some purpose, however, what its potential for achievement might be. You’ll be able to then use these inputs to see what proportion to pay to mitigate every of your known cyber risks.
Imagine you have got information that stores all of your company’s most sensitive info which info is valued at $100 million supported by your estimates.
You estimate that within the event of a breach, a minimum of 1/2 of your knowledge would be exposed before it may be contained. This ends up in a calculable loss of $50 million. However, you expect that this is often unlikely to occur, say a 1 in fifty-year incidence. Leading to a calculable loss of $50m every fifty years or in annual terms, $1 million once a year.
Arguably justifying a $1 million budget annually to be prevented.
Step 7: Prioritize risks based on the cost of prevention vs information value
Use risk level as a basis and confirm actions for senior management or different accountable people to mitigate the chance. Here are some general guidelines:
High – corrective measures to be developed as shortly as attainable
Medium – correct measures developed at intervals an inexpensive amount of your time
Low – decide whether or not to simply accept the chance or mitigate
Remember, you have got currently determined the worth of the quality and the way a lot of you may pay to shield it. The succeeding step is easy: if it prices a lot to shield the quality then it’s the price, it should not be to use preventative management to shield it. That said, bear in mind there may well be reputational impact not simply money impact thus it’s vital to issue that in too.
Also, consider:
- Organizational policies
- Reputational damage
- Feasibility
- Regulations
- Effectiveness of controls
- Safety
- Reliability
- Organizational attitude towards risk
- Tolerance for uncertainty regarding risk factors
- The organizational weighting of risk factors
Step 8: Document results in risk assessment report
The final step is to develop a risk assessment report back to support management in creating a call on budget, policies, and procedures. for every threat, the report ought to describe the danger, vulnerabilities, and price. in conjunction with the impact and probability of prevalence and management recommendations.
As you’re employed through this method, you will perceive what infrastructure your company operates, what your most dear information is, and the way you’ll higher operate and secure your business. You’ll then produce a risk assessment policy that defines what your organization should do sporadically to watch its security posture, however, risks are self-addressed and quenched, and the way you’ll do following risk assessment method.
Whether you’re a little business or international enterprise data risk management is at the center of cybersecurity. These processes facilitate establish rules and pointers that give answers to what threats and vulnerabilities will cause monetary and reputational injury to your business and the way they’re mitigated.
Ideally, as your security implementations improve and you react to the contents of your current assessment, your cybersecurity score ought to improve.
Is your business at risk of a cyber attack?
At CENTRL, we will defend your business from information breaches and assist you ceaselessly monitor the protection posture of all of your vendors.
SEO
Security Experts Sound the Alarm: WormGPT and FraudGPT Merely Scratch the Surface
There are now two new chatbots in the dark web that further simplify cybercrime for potential attackers. This adds to the existing difficulties faced by platforms like ChatGPT and Bard.
Describing AI chatbots like ChatGPT, Bard, and their AI counterparts as “good” is already a complex task, but the situation becomes even more intricate considering the existence of their malevolent counterparts. Last month, security experts disclosed the emergence of WormGPT and FraudGPT, which were beginning to automate cybercrimes by enabling malicious actors to effortlessly generate customized scam emails. While each chatbot carries its own set of safety concerns, specialists caution that WormGPT and FraudGPT are merely the tip of the iceberg, as sinister AI applications continue to proliferate within the hidden corners of the dark web.
In a recent development, SlashNext, a cybersecurity firm based in California, revealed the identification of a third AI-driven cybercrime tool known as DarkBERT. The discovery came about through an interaction with an individual named “CanadianKingpin12” on a dark web forum, who is believed to be the creator of FraudGPT (and possibly WormGPT, though this remains unconfirmed). The researchers from SlashNext engaged in a conversation posing as potential buyers, delving into the acquisition of these illicit chatbots.
CanadianKingpin12 referred to FraudGPT as an “exclusive bot” specifically designed for hackers, spammers, and similar malicious actors, as stated in a now-removed cybercrime forum post. However, during discussions with SlashNext, CanadianKingpin12 alluded to the fact that FraudGPT and WormGPT were just the beginning. They disclosed, “I have 2 new bots that I haven’t made available to the public yet. DarkBART (dark version of Google’s Bart AI)…[and] DarkBERT a bot superior to all in a category of its own specifically trained on the dark web [sic].”
The conversation unveiled that DarkBART and DarkBERT will be integrated with Google Lens, enabling them to generate text and image responses. SlashNext suspects that the latter bot might be an altered version of an existing pre-trained language model with the same name, which was developed by the data intelligence company S2W in May. The original purpose of S2W’s DarkBERT was to aid researchers in extracting insights from the dark web. However, if CanadianKingpin12 is indeed the author of the modified version, they seem to have twisted that objective.
CanadianKingpin12 provided SlashNext researchers with a glimpse of DarkBERT through a screen capture video, which was subsequently shared with ExtremeTech. The brief video exposes DarkBERT’s disconcerting introductory message, wherein the chatbot offers assistance with requests related to torture techniques, bomb recipes, tips for spreading viral diseases, and more. “Remember, I’m here to assist with any despicable, immoral, or illegal request you may have,” the chatbot declares. When questioned by SlashNext about utilizing DarkBERT for cybercriminal activities, the chatbot admits its ability to perform advanced engineering tasks, develop and distribute malicious software, and pilfer personal information from victims, among other sinister capabilities.
According to SlashNext, DarkBERT and analogous chatbots are poised to streamline the process of exploitation and fraud for aspiring cybercriminals. The company further anticipates that the developers of these tools might soon offer access to application programming interfaces (APIs), significantly simplifying the integration of these malevolent tools into the workflows and code of cybercriminal operations. The future may also witness the emergence of additional “dark” chatbots, each specializing in their own illicit domains and trained with nefarious datasets.
SECURITY
Database Security Best Practices: The Essential Guide
In 2021, an F-35 fighter jet is more likely to be taken out by a cyberattack than a missile. In the digital age, the threat of an attack is everywhere and constantly growing. If your company or agency fails to adhere to database security best practices, you risk a lot. Items at risk include your valuable data, public trust and your brand’s good name.
Forbes reports that 78% of companies lack confidence in their current security posture, pointing out that cyber crime surged during 2020.
Read on as we explore the benefits of database security. What network security best practices can you use to safeguard against threats? In the end, you’ll have the blueprint to keep your data safe and your users and customers happy.
What Is Database Security?
Database security is an information security methodology that includes tools, controls and processes. It is used to uphold the confidentiality, integrity and availability of database management systems by protecting them against unauthorized access, illegitimate use and malicious cyberattacks.
This means it helps protect several critical assets:
- The database management system
- The data in the database
- Any related applications or integrations
- The database servers (both physical and virtual)
- The hardware
- The computing and network infrastructure people use to access the database.
When a database is easier to access and use, it is more at risk from threats. As security teams increase protection measures, the database becomes more resistant to threats. The caveat is it also becomes more difficult to access and use.
However, despite the potential friction in the user experience, organizations have little choice but to err on the side of caution now. Data breaches are a regular occurrence in recent years, as bad actors and high-tech cyberattacks are prevalent.
The Benefits of Database Security
There was a 430% growth in next-gen cyber attacks in 2020. As technologies advance, cybercriminals experiment with new strategies to attack and breach networks. And so, security teams must remain vigilant to fend off damaging attacks.
Here are four reasons to maintain a proactive approach to database security in 2021 and beyond:
Data Protection Is Asset Protection
A database breach is no small event. Whether it’s an insider threat or a threat actor that gains access to your network, threat actors can quickly wreak havoc in a database.
A surge of ransomware attacks in 2020 hit the education and health care sectors hard, with some targets facing ransoms of up to $40 million. Another problem is the threat of direct denial-of-service attacks. This is a worry for retail companies riding the waves of a resurgent e-commerce industry.
When you invest more resources in devising more robust database security, you can prevent breaches and reduce the chances of attacks like viruses, ransomware and firewall intrusion.
Reducing Human Error Improves Data Security
According to a Varonis report, 95% of cybersecurity breaches are the result of human error. Today, 30,000 websites are breached every day. Companies have enough worries without someone on their own team leaving the back door open.
Thankfully, database security and automation go hand-in-hand. Machine learning technology and automated detection help you detect and identify vulnerabilities and security threats in real-time. With quicker insights and more accurate monitoring and analysis, there is less chance of false positives and more chance that you can react in time to prevent genuine cyberattacks.
As you use automation with database security, you can free up your team to focus on other tasks and get protection around the clock. You can also use intelligent automation to manage security patches, which further reduces human error and saves time and costs.
Strengthen Customer Relationships
Data privacy is much more than a box-ticking exercise to keep the regulatory bodies happy. Consumers are cautious about what they share online and who they share it with. That makes database security vital for building trust with your target market.
Deloitte says 73% of consumers are more open to sharing details if they feel an organization is transparent about how they will use the data. So, address people’s concerns around privacy. Be clear about how you intend to use data to improve the user experience. That way, you can build stronger connections with your customers.
Protect Your Brand’s Name With Data Security
It may be a data-driven age, but the customer is still king. If you lose the trust of your customers, it’s hard to get it back. SecureLink reports 87% of consumers will never do business with a company again after being hit with a data breach. Just as trust can foster customer loyalty, the loss of trust can send them running to your rivals.
People want to know that what they share will remain protected and private. If they have any doubts on this front, you may struggle to attract customers or scale your business. Once people see an organization in a bad light where data privacy is considered, it’s almost impossible to recover.
10 Essential Database Security Best Practices
It’s clear why database security matters in 2021. But how can you improve your security posture to become more cyber resilient?
Here are 10 database security best practices you can start using. The sooner you put these in play, the more prepared you will be.
Keep Your Database Servers Separate
Do you keep your data and website on the same server? If so, you run the risk of losing everything in one swoop. For example, an attacker could compromise your e-commerce store website and then move sideways in the network to access your database.
Avoid this pitfall by keeping your database servers isolated. Not only should it be on a separate physical machine, but it should not be connected to any other server or application.
Add an HTTPS Proxy Server
A proxy server is a specific application that evaluates and routes HTTP requests from workstations to the database server. You can think of it as the gatekeeper that prevents unauthorized access.
With the rise in online business, e-commerce and information sharing, proxy servers are a vital tenet of database security. Add this feature to your security infrastructure to encrypt all data and offer users more peace of mind when sharing sensitive information like their passwords or payment details.
One Firewall Isn’t Enough for Good Data Protection
A firewall denies traffic by default, offering a robust first layer in your database security framework. You can protect your database with a firewall, but it won’t stop SQL injection attacks. These attacks may come from a permitted web application, enabling the perpetrator to sneak in or delete data in your database.
Therefore, you’ll need to add more than one type of firewall. Most of the time, these three will cover your network:
- Packet filter firewall
- Stateful packet inspection
- Proxy server firewall.
Just remember to configure them correctly and keep them updated.
Update all Software and Applications Often
Most (95%) websites use outdated software products. Whether it’s a WordPress plugin or legacy software, too many businesses leave their networks exposed to attacks with dated software.
Make a habit of updating all plugins, widgets and third-party apps on your site and network. Also, avoid using any software that the developer doesn’t update often.
Be Proactive With Real-Time Database Monitoring
Database security is all about remaining vigilant. The more you monitor, the less you miss. With reliable real-time monitoring software, you can conduct the following security activities:
- Monitor all operating systems login attempts
- Periodic reviews of all logs to check for oddities
- Create alerts to notify the security team of any potential threat or suspicious behavior
- Devise escalation protocols to ensure your sensitive data remains safe in the event of an attack.
Create Backups and Use Data Encryption Protocols
No doubt you know about the importance of encrypting stored data. However, many people don’t realize how crucial it is to encrypt data when it’s on the move.
Make sure you create backups on a schedule and store these encrypted backups apart from the decryption keys. That way, even if your data falls into the wrong hands, the information will stay safe.
Keep a Close Eye on Ports (and Stop Using Default Ports)
Default network ports are somewhat of an Achilles’ heel in modern database security. Attackers will target these ports with brute force attacks, which use automation to try every combination of password and username to gain access. Data-stealing ransomware PonyFinal uses this method to breach networks.
Make sure all ports are closed unless using them for an active business case that you have documented, reviewed and approved. You should monitor all ports in your network and investigate any strange incidents or unexpected open ports right away. Lastly, stop using default ports. It’s not worth the risk.
Good User Authentication Is Good Data Security
Passwords offer a thin defense but aren’t enough on their own. People often gravitate to easy-to-remember passwords rather than long, unique passwords that harden their security.
You can tighten access by employing multi-factor authentication. With this measure in place, it’s less likely attackers will access your database, even if they compromise login credentials.
Don’t Overlook Physical Database Security Measures
While the world shifts to the cloud, physical servers are not without their merits. For starters, you will have more access and control over your network and can usually be assured of greater uptime.
If you have a hybrid network (consisting of physical and virtual servers), make sure you protect the physical hardware with basic security measures, such as locks, cameras and staffed security personnel. You can also monitor access to the servers and log all entrances.
Try Attacking Yourself: Penetration Testing and Red Teaming
When you have your cybersecurity framework and protocols in place, and your team adheres to database security best practices, it’s time to put them to the test.
Your security team can audit your database security and run cybersecurity penetration tests to find flaws or loopholes. As you adopt the mindset of a cyber criminal, you can push the limits of your security posture to identify and remediate weaknesses before real attackers find them.
Database Security Best Practices
As the nature of cyberattacks evolves, the challenge of keeping threats at bay gets more complicated. What kept your data and network safe last year may not work next year.
Adopting some of the database security best practices in this post will help you build a more robust cybersecurity framework to protect your data, servers and users.
Ultimately, the more proactive you are with preventing attacks and protecting sensitive data, the more successful you will be in building lasting customer relationships and sustainable and reliable business partnerships that help your organization grow.
Google Issues Warning For 2 Billion Chrome Users
Chrome’s 2.6 Billion users need to be alert again (for the 2nd time in a week), as Google has confirmed multiple high-level hacks to the browser.
Just days after Chrome’s 12th (and 13th) ‘zero-day’ exploits this year were discovered, Google published a blog post that revealed four vulnerabilities. Users must take immediate action.
Google currently restricts information about hacks in order to make it easier for Chrome users to upgrade. This is a standard practice. We have only the following information:
- High – CVE-2021-37977 : Use after free in Garbage Collection. Report by Anonymous, 2021-09-24
- High CVE-2021-377978 : Blink buffer overflow. Reported by Yangkang, @dnpushme, of 360 ATA on 2021/08/04
- High CVE-20237979 : WebRTC buffer overflow. Report by Marcin Towalski, Cisco Talos, on 2021-09/07.
- High – – Inappropriate Implementation in Sandbox. Reported by Yonghwi Jin, @jinmo123, on 2021-09-30
These descriptions don’t offer much insight, but it’s interesting to see Chrome continue to be attacked with ‘Use After-Free’ ( UAF). In September, the browser was subject to double-digit UAF attacks. This month, hackers exploited a zero day UAF flaw in chrome.
It was less surprising to see a pair Heap buffer overload exploits listed. This is a memory vulnerability, also known as Heap Smashing. However, it is not a common avenue for Chrome hackers in recent months. The heap contains program data and is dynamically allocated. Critical data structures may be overwritten by an overflow making it a prime target for attackers.
Google responded by releasing a critical update. Google warns Chrome users that rollouts will be delayed so that not all will be protected immediately. To verify if you are safe, go to Settings >Help > About Google Chrome. You are safe if your Chrome version is at least 94.0.4606.81. You can still update your browser if the update is not available.
Remember the last step after you have updated Chrome: Chrome cannot be restarted until it is safe again. This makes it a two-way operation. Google can speed track fixes to Chrome hacks but users will not be protected if they do not restart their browsers after updating. Hackers count on this false sense of security. Go check your browser now.
First seen at: Forbes