
Software: Sensitization of organizations about vulnerabilities is incomplete

Over the years, the need for security has become clear. Computer and Internet users who enjoy the limitless possibilities available to them every day also need to know the imperfections of what they use. Software vulnerabilities cause many of the problems, and with them comes the need for repair.

We should not forget, of course, that all software is created by people and is expected to contain mistakes. When these errors affect critical systems, it is imperative to deal with them immediately. The various defensive mechanisms created over the years, such as WAFs (Web Application Firewalls), are very helpful, but they do not fix the underlying flaw. Some bugs need to be repaired.

Both the private and the public sectors are often at risk, and are then hit. Today the public sector and the government are using software that may harm them. This is why the United States Department of Homeland Security (DHS) has issued guidance for US government agencies. These repairs are very important.

Of course, it is a fact that agencies have a relative inability to repair vulnerabilities in their software. Proof of this is that for serious vulnerabilities, the average repair time exceeds one month. And the time hackers need to access vulnerable software? Sometimes it takes only a few hours.

Sometimes the solutions used are not appropriate. Other times, human resources are not enough and the priorities that are set are not the right ones. As a result, many departments operate without staff. Remediation is usually fragmentary, which means that systems remain unattended for days or weeks until the next test and development cycle.

The new DHS instructions ask for a reduction in the days needed for the repair, to 15 calendar days, and 30 days to apply corrections. In addition, DHS will contact the agencies at 15 days and, if no change has been made, it will expect explanations.

However, simply reducing the time is not enough to protect an organization's systems from attack. Even organizations that follow the DHS instructions may be vulnerable to attack for up to 15 calendar days, which is enough time for an attacker to discover and exploit vulnerable software.


The author allows you to copy this text only if you cite the source (SecNews.gr) with a web address (live URL) of the article.