February 23, 2021

Good morning, everyone!

Good grief! I take off one week and EVERYONE releases patches! Google has patched another zero-day vulnerability in Chrome. Two WordPress plugins were found to have serious security issues which have been patched: The NextGen Gallery (used for creating image galleries) and Responsive Menu, installed on over 100,000 sites. Adobe released patches for Acrobat, Reader & Magento. Microsoft released a slew of patches on Patch Tuesday, including a fix for a 12 year old bug in Defender, and then replaced the faulty update almost immediately SAP released a fix for its SAP Commerce platform. A security researcher has released information on a critical flaw in Windows Server 2012 so be sure you are running R2. Patch all the things!!

The Importance of Good Backups

This story has lots of lessons, but I’m focusing on just one today: the importance of good backups:

A web hosting company named No Support Linux Hosting announced today it was shutting down after a hacker breached its internal systems and compromised its entire operation.

Write this down: If you store your data locally, keep backups offsite. If you store your data offsite (in the cloud), keep local backups. You cannot rely on a third-party to be the sole responsible party for your data – any of your data! This is not the first time I’ve talked about a cloud service provider simply shutting down after an attack. You must take personal responsibility for your data. Diversify. Cover your bases. Don’t put all your eggs in one basket!

Talk about Lucky!

This story is pretty horrifying:

A hacker’s botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation’s water systems may be to attacks by more sophisticated intruders.

Apparently an actual human being, paying attention on the job, saved the day:

A supervisor monitoring a plant console about 1:30 p.m. saw a cursor move across the screen and change settings

How did this happen?

the intruder entered through a remote-access program called TeamViewer. It was loaded on all computers used by plant personnel, all of which were connected to the plant’s control system, the advisory said, adding that all users shared the same password — ignoring cybersecurity best practices. Further, those computers “appeared to be connected directly to the Internet without any type of firewall protection installed.”

(emphasis added)

Okay, let’s break this down:

• No shared passwords! Each user should have a unique password. Passwords should not be reused across accounts, services, networks, etc.
• Enable two-factor authentication whenever it is available. (You’ve heard me say this before) Even a shared password cannot easily be used to access an account with 2FA enabled.
• Do not connect any devices directly to the Internet. Always have a firewall between your devices and the bad guys.

What’s the best firewall? People ask me this question all the time, and my response is always the same: the one your IT people know how to properly configure. Seriously! Most commercial firewalls have roughly the same features and standards. The important thing is to configure it properly, and that requires experience and skill. Knowing how to properly configure one brand doesn’t necessarily mean you can properly configure a different brand.

Malware for Macs

Yes, it’s a thing. It is still far less common than malware for Windows, but it is out there. Recently, two new strains of malware have been identified that attack Apple’s New M1 Processor. The usual rules apply: Think Before You Click! Don’t just say “ok” to those popup boxes. Beware of installing software from unknown vendors. Don’t grant excessive permissions. Slow down, read what is on the screen, and make a conscious decision whether to proceed with the installation or not.

I think that's enough for this week. Go forth and apply your patches, enable 2FA and think before you click!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Goes Virtual

Thanks to COVID-19, lots of things are going virtual, and that includes my employee Security Awareness Training. I've set up a small studio in our conference room (nobody there but me) so I can provide live training (almost) just like before! You can see me wave my hands and make faces while a wall of fascinating facts and practical tips slideshow across your screens, wherever you and your employees may be.

Contact me to schedule your employee training sessions. They're fun! ☺