In a recently released data security e-book, Microsoft takes an interesting stance on how to handle potential breaches. The post-breach plan assumes than an attack has already taken place, and gives you concrete steps on how to proceed.
In the pre-breach section of the plan, the e-book reminds us of the importance of anti-virus software that functions as a gatekeeper of sorts. It should offer real-time protection, examining every single one of our files and removing threats if detected. However, it is not a good safeguard against social engineering and ransomware.
The post-breach section of the e-book assumes the attack before it takes place. Anomaly detection algorithms and monitoring security events on the endpoint are there to alert us of an attack. Microsoft’s Windows Defender Advanced Threat Protection is a post-breach solution that allows enterprises to respond to advanced cyber-attacks.
In other industry news, certain popular passwords managers were found to be leaking passwords. The following apps were found to be problematic:
– F-Secure Key Password Manager
– Dashlane Password Manager
– Informaticore Password Manager
– Avast Passwords
In one of the programs, the SIK Team of researchers has found a program was storing the passwords in plaintext/crypto algorithm, which allowed them to gain access to the credentials.
In another case, they could take advantage of a “residue attack” which allowed them to access the master key that the application stores.
Thankfully, their report stated that the vendors of these apps have now fixed the problems.