The week in security: Router exposure highlights risk of 7-day vulnerability gap

Elimination of North Korea’s arsenal of nuclear weapons may be front and centre at the moment, but the US government was warning that North Korea has updated its arsenal of RATs and worms. Yet that wasn’t the only source of threats, with the FBI warning that users should reboot their routers to avoid Russian malware.

Given that cybercriminals have an average of 7 days to compromise your network through a new vulnerability before you patch it, that could present a not-insignificant problem for critical businesses and government agencies that face the wrath of politically-minded groups.

That could be an even bigger problem than usual thanks to the increasing dependence of connected ‘smart cities’ on the integrity of their systems – driving many to argue for the importance of better cybersecurity-focused analytics.

Better data analysis has also been tied to improvements in compliance and data privacy, with many organisations still struggling with semantic issues stemming from GDPR’s terminology.

The security capabilities of Microsoft’s Windows 10 have helped bolster its adoption within the enterprise, but consumer adoption of Apple products is also pushing up the numbers for Apple’s macOS, according to new figures.

Also on the platform front, Google’s Chrome developers were weighing up their options for stopping attacks that leverage the Spectre CPU bug.

If you’ve ever seen users’ eyes glaze over when you start talking about privileged accounts, two-factor authentication and penetration testing, you’re probably running into a conceptual brick wall that stems from the fact that most users see security as being a matter of passwords and nothing else.

The annual AusCERT security event saw some innovative security projects recognised with awards – and a reminder that CSOs need security attacks like a nail in the head.