
If you run Windows
You deserve everything you get. Suck it up.
Security experts spent years warning enterprises to expect cyberattacks and to plan their defenses accordingly; now Sophos researchers are saying organizations shouldn't be surprised if they get attacked multiple times. In a 23-page report [PDF] released this week in time for Black Hat, the researchers unwind the multiple …
It's interesting that they break different versions of Windows out as distinctly different categories, whereas, say, Debian, they list all CVEs under a single category logged back to 1997.
But working with this, and very roughly speaking based on publication date, Debian has 6677 CVE vulnerabilities going back to 1997, averaging 267 a year, and Windows 10 has 2839 going back to 2015, averaging 406 a year. Not so clear cut, is it? And that does not differentiate between Debian used as a desktop, and Debian used as a server, whereas Windows 10 and Windows Server 2016 are counted as different products.
I know that many of the Windows vulnerabilities will overlap between the different Windows versions (as the different Linux distros do as well), but I wonder what the comparison would look like if they aggregated all of the different Windows versions, and eliminated the duplicates.
This is another case of lies, damn lies, and statistics.
I see attack attempts almost every hour or so, 365 days a year, so I'm reasonably confident that my corporate defenses are functional. I am only concerned when we have days when the attack efforts are virtually never seen - if the mail server doesn't report any virus deliveries then I check everything to make sure that we haven't been eaten. We've been OK for about 20 years now but we started seeing daily phishing and virus deliveries after our first sales to China - I'm not accusing China, I just think that our customers there were all hacked easily in the early days.
Malware deliveries are normal every day now, aren't they?