August 3, 2021

Good morning, everyone!

This week’s critical vulnerabilities: WordPress Download Manager has released a new version fixing two critical security flaws. Many IP cameras are impacted by a security vulnerability for which a patch was recently released. Vendors include Ganz, Visualint, Cap, THRIVE Intelligence, Sophus, VCA, TripCorps, Sprinx Technologies, Smartec, Riva and likely others Flash is still being used to distribute malware. Adobe quit supporting it last year. If you still have it installed anywhere, get rid of it now. Google is rolling out a fix for a fix that bricked some Chrome devices – get your update when it’s available Cisco has released patches for critical bugs in Web Security Appliance (WSA) and Business Process Automation (BPA) Patch All the Things!

Most weeks I choose a particular topic to write about, but sometimes (like this week!) I just hit a few highlights from recent reading:

Enable 2FA whenever possible

You all know how much I love Two-Factor Authentication, right? I was surprised to read this:

Twitter has revealed in its latest transparency report that only 2.3% of all active accounts have enabled at least one method of two-factor authentication (2FA) between July and December 2020.

Honestly, 2FA is the single most important (Easy! Free!) thing you can do to protect your online accounts, whether business or personal. I’ve written lots about this before. Just do it!

Wireless device Do's and Don'ts from the NSA

The NSA recently released a tip sheet focused on the safe use of wireless devices in public settings, when traveling, etc. Lots of good stuff there and written in (mostly!) plain language.

"No More Ransom" saves almost 1 billion in ransomware payments in 5 years

On a happy note, the No More Ransom project recently celebrated its fifth anniversary, having helped ”over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.” The project has over 170 partners worldwide, ”offering 121 free tools able to decrypt 151 ransomware families.” Isn’t that awesome?!?

84% of ransomware attacks start like this

Lots of home computers get ransomware too, ya know, and it’s miserable no matter when/where it happens. Security researchers at Coveware recently analyzed ransomware attacks in the 2nd quarter of 2021, and found that 84% of ransomware attacks start in one of two ways:

(1) Phishing attacks – those emails (or text messages) that trick you into opening an infected email attachment, or clicking on a link that takes you to a site hosting malware. So think before you click! Trust only original sources of information. When in doubt, pick up the phone and call the person or company that sent you the phishy-looking email.

(2) Open RDP ports -- this an easy way for attackers to get into your network. Many businesses opened RDP ports when the WFH wave hit last year, and unfortunately many of those open ports were never closed. If you have any doubt about open RDP on your firewall, ask your IT staff or vendor to confirm that you’re not vulnerable to this kind of attack (and why).

Don’t click on “blind” links behind URL shorteners

What is a URL shortener? It’s a service that provides a short – but blind – link to a website address. For example, the actual web address of my newsletter signup page is https://theneteffect.us4.list-manage.com/subscribe?u=bba7f5e67d3a1213cdaecc7f6&id=08d392ca5b – and that’s pretty horrible, isn’t it? So I used Bitly’s service to create a short link (https://bit.ly/TNESignUP) for use in my email signature. I had to change it recently, though, because Gmail started to block all my emails. Bitly and other URL shorteners are increasingly being used to hide links to malware downloads, fake calendar entries, and more. This interesting article describes some of the most common attacks (in a lot of detail! LOL).

Change default admin passwords

You know this, right? The very first thing you do when you bring home a new device, especially one that connects directly to the Internet, is change the default passwords. Not just the connection key, but especially the admin password. It’s usually on a sticker on the device or on a card inside the box, and nearly always available on the manufacturer’s website. Unfortunately a recent study has shown that one in 16 home Wi-Fi routers is still using the default admin password. This is a HUGE security problem in your home!

And that’s my cyber security round up for the week. Read & share!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Goes Live Again!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Thankfully, live training is making a comeback! So wherever you and your employees may be, I can deliver a fun and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺