Kyle Fox's Security News 2023 in Review - F5 SIRT

Intro   I thought we would do a little end of the year roundup of a few subjects I feel are notable from 2023.   I will be publishing an article with some things I am looking out for in 2024 ...
Updated Mar 13, 2024
Version 11.0
f5 sirt
ransomware
security
twis
zamroni777's avatar
zamroni777
Icon for Nacreous rankNacreous
Jan 06, 2024

I learnt the hard way in 2004, during Sasser worm attack, that it is very important to install security patches as soon as possible.
Some Windows computers in the LAN were unpatched but had up to date antivirus, so they are not infected.
However, these computers were still force restarted by virus attack from already-infected computers.
They have to be patched to be completely immune.

Most cybersecurity attacks (wannacry, shell shock, etc.) are based on security bugs which black hackers learnt from patch release notes.
That's why the best defense is installing security patches as soon as possible because black hackers can create the attack tools in just few days.
Moreover, these patches are by default automatically installed by operating systems scheduler for NO EXTRA COST.
Redhat indeed requires subscription for patch access.
So, if you don't want to pay for enterprise Linux, you can use RHEL derivatives (Oracle Linux, Rocky, etc), Amazon AMI, etc.

How to get latest security patches without worry of bugs from new features for Microsoft products?
a. Microsoft Windows: defer Feature Updates for a year. This won't block latest security updates.
b. Microsoft Office: set update channel to Semi Annual Enterprise
c. Microsoft Onedrive/Sharepoint: set update channel to Deferred