Update on Meltdown and Spectre Exploits

Three months ago, the industry was on high alert due to the publication of two new security exploits: Meltdown and Spectre see my prior post on this topic.

Since then, Authentic8 has aggressively updated its software at both the system and application level, from kernel to browser (and every patch in between). We have been actively monitoring our systems for security issues, as we always have and will continue to do.

These attacks did not represent a qualitative change in the security landscape but were a reminder that threats are always present. Some are known; most are probably not.

The Meltdown and Spectre threat reminds us that monitoring and rapid response are vital to our security and, by extension, the security of our customers.

While we haven’t seen any in-the-wild exploits that take advantage of Meltdown and Spectre, security breaches attributed to the lack of basic IT hygiene continue unabated.

We encourage you to re-assess - continuously - your basic security hygiene:

  • Are you current with patches? Is your firewall configured properly with unnecessary ports closed?
  • Have you segregated network access to your critical resources?
  • Are you aware of what's published in the cloud and what the respective access permissions are?

Almost daily, new data breach headlines remind us that major IT security issues are caused by or related to basic security gaps like these.

While the cybersecurity world continues to get more complex, IT can't afford to reduce the focus on basic security hygiene.

Authentic8 remains committed to providing the best possible security. We will continue to closely monitor new developments and work with our security partners to keep our customers and their data safe.

Kevin Lund
CTO Authentic8, Inc.