Patching routines examined by penetration testing services


June 10, 2012

Fake software updates have been identified as being pushed through free Wi-Fi in cafes and hotels – prompting security professionals to warn travellers to keep their software up to date before they head abroad.

An alert was issued by the Internet Crime Complaint Center on May 5 that said recent intelligence operations by the Federal Bureau of Intelligence (FBI) has uncovered malicious applications being spread through wireless connections in a range of hospitality venues.

According to the report, travellers attempting to access these Wi-Fi points have encountered a pop-up window that seems to be guiding them to update “a widely used software product”.

“The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available,” said the report.

On clicking the button to accept this ‘upgrade’, malicious programs would be downloaded and installed that could compromise the device’s integrity.

The report states: “The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products on their hotel Internet connection.”

While regular audits and upgrades can help to make a difference in defending digital assets from outside intrusion, a penetration testing service can provide the insight and training they need to instil security-conscious behaviour in all travelling staff members.

Leave a Reply

Your email address will not be published. Required fields are marked *