Security Vulnerabilities Affecting Remote Workers

settings android tab

As a remote worker you wonder, do these computer hacks and vulnerabilities affect me?

When the news posts notices of security vulnerabilities, data breaches, and exploits it is difficult to know which matter most. The common advice given to the user is the same. You should enable automatic vendor software updates, check for new software releases, use multi-factor authentication, beware of attachments in email, and other commonly repeated counsel. This is all good advice.

What else do I need to know?

The questions to ask to evaluate risk depend on each individual situation. For example, Do I have an affected device? Is it easy to exploit? Is anyone trying to leverage the weakness? Is a fix available? How do I know if my system has the problem?

No one can answer these questions for you. If you work from home, are a digital nomad, or an independent remote worker without a corporate information technology department, you must do your own assessment. A corporation’s enterprise network infrastructure will have tools like intrusion detection, network scanning, and asset monitoring not available to a gig-working contractor or home-office user.

Posts here are ones I notice as relevant to the remote worker. Importantly, these have recent “exploits in the wild” meaning bad actors have shifted their focus on weakness which may have been known to exist for years. Additionally, there are links to resources which may be useful if you are your own technical support.

A self-reliant remote worker has the responsibility to maintain their own work environment. Your work depends on protecting your digital information. Exposing control and access of your products to unknown and unauthorized villains not only risks your deliverables but damages your reputation and exposes potential data loss from you and your clients and coworkers.

Common platforms from Microsoft, Apple, Android, etc., are both frequently exploited and fixed. The general advice applies. Allow or get the frequently published vendor updates and apply them.

Here are posts of recent active exploits relevant to a work-from-home or remote employee, and not typically mentioned in the news. Opinions, assessments, and views are my own, and not associated with any other organization.


Cybersecurity Posts

  • Turning Digital Nomads into Cyber Criminals

    How does someone follow the path to into cybercrime? Is it naïve desire for employment or curiosity leading to an illicit side-gig?

    Continue Reading

  • Remote Work Cybersecurity Report, 2022-05-13

    Friday the 13th falls on a Friday this month. Should you exercise even more cybersecurity awareness? I suggest no less than any other day. Hackers are just as likely to prey on superstitious beliefs as any other. This week the there is a chance for a remote worker or digital nomad to strike it big,…

    Continue Reading

  • Remote Work Cybersecurity Report, May 7, 2022

    I have seen stunningly bad habits from IT professionals regarding access, authentication, and general computing security. My favorites include using administrator auto-logon without a password, passwords such as “8675309” or just “password”, freely shared domain-level administrative accounts, the cliché sticky-notes on a monitor, and not updating known vulnerable software because something bad might happen. Similarly,…

    Continue Reading

  • Remote Work Cybersecurity Report, April 30, 2022

    If there were a theme for this week, it would be trojans, malware, and mischief. Evil lurks in unwanted packages and links. Those who live the digital nomad lifestyle, seeking remote work, means relying on email, paperless documentation, and emerging cryptocurrencies and the NFT market. We lean on our software tools for physical and financial…

    Continue Reading

  • Remote Work Cybersecurity Report, April 24, 2022

    This week is a hodge-podge rollup of warnings, threats, and vulnerabilities. There is something for everyone, bloggers, website administrators, and any remote-work-from-home-digital-nomad with a side-hustle. A funny thing about security vulnerabilities, defects and flaws may exist in products for years until revealed by any number of involved parties. They sit silent waiting for exploitation by…

    Continue Reading


Useful Resources

Enterprise Cybersecurity Solutions, Services & Training | Proofpoint US
Proofpoint is a leading cybersecurity company that protects organizations’ greatest assets and biggest risks: their people.

Threat Intelligence Resources & Cyber Security Insights (mandiant.com)
Dynamic cyber defense solutions powered by industry-leading expertise

Resources | FireEye
Information and insight on today’s threats from the leader in advanced threat prevention

Overview | CVE
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

Known Exploited Vulnerabilities Catalog | CISA
CISA will update this catalog with additional exploited vulnerabilities as they become known, subject to an executive level CISA review and when they satisfy the following thresholds:

  • The vulnerability has an assigned Common Vulnerabilities and Exposures (CVE) ID.
  • There is reliable evidence that the vulnerability has been actively exploited in the wild.
  • There is a clear remediation action for the vulnerability, such as a vendor provided update.

Cybersecurity | Ready.gov
An official website of the U.S. Department of Homeland Security

Recorded Future
The Recorded Future Intelligence Platform delivers accurate and actionable intelligence at the right time and the right place, giving you the visibility you need to stay one step ahead of the adversary.

WordPress Security Plugin | Wordfence
A Comprehensive Security Solution For WordPress

Check Point Company Overview – Check Point Software
Provider of cyber security solutions to governments and corporate enterprises globally.

Enterprise Cybersecurity Solutions, Services & Training | Proofpoint US
Proofpoint is a leading cybersecurity company that protects organizations’ greatest assets and biggest risks: their people.

Leave a Reply