Breach Alert
“With the Windows 10 May 2020 Update, version 2004, now released, Microsoft has detailed the Windows 10 features it’s no longer developing and features it’s removed. Features that are no longer under active development are those that Microsoft might remove in a future update. With every major Windows 10 release, Microsoft details features of the operating system that it stops developing and removes. The three features Microsoft is no longer developing in Windows 10 2004 include Companion Device Framework, the legacy Microsoft Edge browser, and Dynamic Disks.” (zdnet.com, 2020)
And these aren’t the only features Microsoft is deprecating and/or dropping. The list goes on! “Features removed from Windows 10 version 2004 include Cortana, Windows To Go, and Mobile Plans and Messaging apps. With the latest release of Windows 10, Microsoft decided to release its Cortana assistant as a standalone app. This version of the Cortana app was made available this week for systems running Windows 10 version 2004. Microsoft plans to update and improve the app via updates from the Microsoft Store over the coming months. Eventually it will integrate Cortana with Teams so that people can use voice commands on the Teams, mobile clients.” (zdnet.com, 2020)
While Microsoft openly noted the list of features we will and are seeing changes to, a different feel of the story was being written for Cisco. Instead of a story of anticipation, Cisco was forced to announce a story or angst.
“Cisco has disclosed a security breach that impacted a small part of its backend infrastructure. In a security alert, Cisco said that hackers used a vulnerability in the SaltStack software package, which Cisco bundles with some products, to gain access to six servers:
- us-1.virl.info
- us-2.virl.info
- us-3.virl.info
- us-4.virl.info
- vsm-us-1.virl.info
- vsm-us-2.virl.info
The six servers provide the backend infrastructure for VIRL-PE (Internet Routing Lab Personal Edition), a Cisco service that lets users model and create virtual network architectures to test network setups before deploying equipment in real situations.” (zdnet.com, 2020) The company went on to state that it patched and remediated all of the servers on May 7th.
How it Could Affect You
With regards to Microsoft’s announced updates and D-dates, you just need to be aware of them to keep your systems and personal devices working at optimal levels. Additionally, anytime functions are no longer supported, you can almost guarantee that hackers take that as an opportunity to release fake update schemes to infiltrate your devices and networks. At least when you know what is no longer supported, you’ll also know that there couldn’t possibly be a valid update for it.
The issue noted by Cisco is not localized to their backend infrastructure alone. “Cisco says that two of its commercial products also bundle the SaltStack software package as part of their firmware. These are the aforementioned Cisco VIRL-PE, and Cisco Modeling Labs Corporate Edition (CML), another network modeling tool. Both VIRL-PE and CML can be used in Cisco-hosted and on-premise scenarios. In case companies use the two products on location, Cisco says CML and VIRL-PE need to be patched. The company has released software updates today for both products that incorporate fixes for the two SaltStack vulnerabilities that were utilized to breach Cisco’s VIRL-PE backend.” (zdnet.com, 2020)
Per ZDNet, “in most of the past incidents, victims said the hacker breached SaltStack servers and installed a cryptocurrency miner. Cisco did not elaborate on the nature of its breach. SaltStack, also known as Salt, is a type of software used in data centers that allow administrators to cluster multiple servers together and control them from a central location.” (2020)
Hodgson Can Help
Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce. We offer full solutions for your IT needs, not just Band-Aid fixes. Contact us to receive a FREE Cyber Security Risk Assessment and also learn more about our Managed Security Service Plans. Contact our office today at 847-906-5005.
