Android Devices MUST be Updated + IT Departments Being Cut as Privilege Escalation Escalates
Today’s post is short, but not so sweet.
I imagine it may feel like a lot of our blog posts contain “cautionary” content. In part, that’s because cybersecurity attacks are on the rise; in part it’s because December is a particularly challenging month. People are a little distracted at this time of year, and bad actors take full advantage of this.
As for the other part (assuming we get 3 parts – smile) we want to help ensure nothing untoward happens to you and your network. That would be an awful way to start the holidays.
The first item on our list today: According to the December 2023 Android Security Bulletin, Android phones need to be updated right away, because a vulnerability has been detected that could enable someone to take over the device remotely, without the rightful owner needing to do anything. Even if the user doesn’t click on a cute malware-laden image, or something else in a phishing email, their phone could be compromised. And so could your network, if they use that phone to log on to work, or to access any of your apps.
#2: At a time when privilege elevation exploits are increasing (a 50% increase in the past 18 months), nearly half of organisations are planning to reduce their cybersecurity headcounts. If you read the full December 6, 2023 CSO Online article, you’ll see that lack of funding, as well as difficulties in finding qualified people, are two key reasons why this is so.
Some firms are compensating by hiring outside firms to add much-needed additional resources, without having to increase payroll. Others are reviewing their breach preparedness protocols and security response procedures. If you are considering a Managed Services approach, or would like help assessing your vulnerabilities and/or reviewing your breach preparedness plan, we can help.
.webp)