February 22, 2022

Good morning, everyone!

The latest critical vulnerabilities: A WordPress plugin “UpdraftPlus” released a patch for a critical vulnerability Adobe Commerce & Magento received critical fixes this week Apache has released a critical patch for Cassandra database Moxa Mxview has released fixes for critical bugs in its web-based network management system Patch All the Things!

Beware of Fake Update Installers

Researchers at HP have warned that RedLine stealer malware is being distributed by distributing fake Windows 11 upgrade installers to users of Windows 10:

the actors used the seemingly legitimate “windows-upgraded.com” domain for the malware distribution part of their campaign. The site appears like a genuine Microsoft site and, if the visitor clicked on the ‘Download Now’ button, they received a 1.5 MB ZIP archive named “Windows11InstallationAssistant.zip,” fetched directly from a Discord CDN.

Interestingly enough, there is a similar 'UpdateAgent' malware for Macs being seen around. Regardless of the platform, the steps to protect yourself against attacks like this are the same.

How to Spot Fake Update Requests

Where did the popup come from? If the software is already installed on your Windows computer, a valid update notice will typically pop up from the system tray in the lower right corner of your screen. On a Mac, legitimate notices appear in the upper right corner. If a popup appears in the middle of the screen, especially if you have been surfing the web, it’s probably a trick.

When did the popup appear? As a general rule, legitimate update notices will appear when you log into your computer or an application. If you get a popup right after clicking on an ad or article online, that’s probably a fake.

How to Respond

Always consult original sources of information. For Windows Updates, click on “Windows Updates” in the Start menu; for Mac updates, click on the Apple icon in upper left corner, "About This Mac" and the "Software Update" button. For individual applications, there is usually an option to “Check for Updates” under the “Help” menu. Or you can go to the website for that application and look for update options under the Support or Downloads tab.

Finally, remember that you have to actually install this malware to be infected!

• When you get a popup asking whether you want to install this software, READ IT! Do you really want to install this software?
• Working as a standard user on a regular basis is great protection against attacks like this. Someone will have to type in an administrative password to install the malware.

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺