December 15, 2020
Good morning, everyone!
This week’s critical vulnerabilities:
If your organization uses the SolarWinds Orion IT monitoring platform, disconnect now: Orion update versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, have been tainted with malware and are being actively exploited.
"The campaign is widespread, affecting public and private organizations around the world," FireEye said. "The victims have included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East. We anticipate there are additional victims in other countries and verticals," FireEye added. SolarWinds said it plans to release a new update (2020.2.1 HF 2) on Tuesday, December 15, that "replaces the compromised component and provides several additional security enhancements."
Patch all the things!!
The most common cause of data breaches is misconfiguration of cloud services
Here's an eye-opening prediction:
Gartner predicts through 2025, 99 percent of all cloud security failures will be the customer’s fault
Read more about the shared responsibility model in the cloud and how you can protect your organization's data and services. See also my past newsletters (07-14-2020 To Cloud, or Not to Cloud? and followups on 08-04-2020 and 11-17-2020).
Ransomware continues to plague, with COVID-19 themes prominent
The new Zebrocy Malware is being delivered via phishing emails with COVID-19 themes, and it’s the same old story:
Zebrocy is delivered primarily via phishing attacks that contain decoy Microsoft Office documents with macros as well as executable file attachments.
- Beware of attachments that are executable files.
- Disable macros in Microsoft Office documents unless you are POSITIVE they need to run (when in doubt, pick up the phone and call the person who sent you the document).
- Think before you click!
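An added example (not part of the original newsletter) of how a mail-triage script could apply the first two rules above by inspecting attachment content rather than trusting the file name. The function names, verdict strings and sample attachments are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container

def classify(data: bytes) -> str:
    """Triage verdict from file content; the file name is never trusted."""
    if data[:2] == b"MZ":                       # DOS/PE header of Windows executables
        return "block: Windows executable"
    if data[:8] == OLE_MAGIC:                   # macros cannot be ruled out without parsing
        return "review: legacy Office file, may contain macros"
    if data[:4] == b"PK\x03\x04":               # ZIP container (docx/xlsx/pptx and others)
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = [m.lower() for m in zf.namelist()]
        except zipfile.BadZipFile:
            return "review: corrupt archive"
        if any(m.endswith("vbaproject.bin") for m in members):
            return "block: Office document with VBA macros"
        if "[content_types].xml" in members:
            return "pass: Office document without macros"
        return "review: archive"
    return "pass: no executable or macro content found"

def _ooxml(with_macro: bool) -> bytes:
    """Build a constructed, minimal OOXML-style container in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

# Constructed sample attachments (placeholders, not real documents or malware).
SAMPLES = {
    "invoice.docx": _ooxml(False),
    "covid-guidance.docm": _ooxml(True),
    "report.pdf.exe": b"MZ" + b"\x00" * 62,
    "old-form.doc": OLE_MAGIC + b"\x00" * 504,
    "notes.txt": b"hello",
}

def triage(samples: dict) -> dict:
    return {name: classify(data) for name, data in samples.items()}

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name:22} {verdict}")
```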
Short newsletter this week, but I know that everyone is busy getting ready for the holidays. Enjoy, stay safe, don’t overdo things … and we’ll talk again in 2021!
TNE. Cybersecurity. Possible.