What Are CVEs?
CVEs are Common Vulnerabilities and Exposures--Backdoors, holes, and weaknesses. All computers ship with them and software creates them when you install it. New CVEs are discovered daily. Over 8,500 known CVEs exist.
How Exactly Do Hackers Use CVEs?
CVE: You install a software package that opens a port. That port may be one that Blaster or MyDoom uses to take over the computer.
CVE Some computers ship with an operating system that has several directories shared by default. Hackers know about those directories & can gain access through them.
CVE A commonly used program installs a default password. Hackers know that password & use it to sneak in.
How Are CVEs Hackers Exploit Worse Than Computer Viruses?
CVEs Leave Entryways Open
CVEs are hidden and can be a challenge to find. Yet they are leaving the door open for intrusions on your network.
CVEs Are Not Removed
by Anti-Virus
Even after you remove a virus, it can attack again by using the CVE--the CVE is still there. Anti-virus programs remove only the virus; they do not remove the CVE.
All It Takes Is a Single CVE...
All it takes is a single CVE on a single system for a hacker to gain access to your entire network. You can be hacked and not even know it. No wonder identify theft is so rampant today.
What Can I Do About CVEs to Stop Hackers?
Audit Daily: You can audit your systems for CVEs using a vulnerability management appliance like PredatorWatch Auditor. You should audit every day.
Quarantine: Let Auditor quarantine systems with vulnerabilities to keep hackers from accessing them.
Repair: When you receive Auditor reports, follow the instructions to remediate vulnerabilities found. In many cases, the report provides a point-and-click link.
Use Auditor to help you both develop a security policy and follow it diligently.
|
 |
|
|
Auditor XL-10, audits from 10 IPs; 400 MHz, 64 MB DRAM
Auditor XL-UNL, audits up to 254 IPs; 400 MHz, 128 MB DRAM |
|
