/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
/socialsamosa/media/member_avatars/uFf1SrIk167BQ4yXdoHx.png )
Follow UsMUMBAI, INDIA: Websense Security Labs recently processed a sample data set from the Websense ThreatSeeker Intelligence Network to investigate the security risk from popular applications and services.
We determined enterprise and public sector networks are inadvertently leaking information, which could be used by a threat actor as intelligence to craft specific attacks and compromise networks.
One troubling thing we observed is Windows Error Reporting (a.k.a. Dr. Watson) predominantly sends out its crash logs in the clear. These error logs could ultimately allow eavesdroppers to map out vulnerable endpoints and gain a foothold within the network for more advanced penetration. Here's more on why that's a concern:
* 80 percent of all network-connected PCs use it - that's more than one billion endpoints worldwide.
* Dr. Watson reports information that hackers commonly use to find and exploit weak systems such as OS, service pack and update versions.
* Crashes are especially useful for attackers since they may pinpoint a new exploitable code flaw for a zero-day attack.
* Information is also sent for common system events like plugging in a USB device.
Alexander Watson, director of security research, Websense, will be presenting advanced findings related to this research at the 2014 RSA Conference in San Francisco - "Using Anomalies to Detect Advanced Attacks - Before It is Used Against You" on Tuesday, February 24, 2014, at 4 p.m. PT.