Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect

[ View this email in your web browser ] [ Visit our archives ]

June 14, 2022

Good morning, everyone!

Microsoft zero-day being actively exploited

The so-called “Follina” zero-day vulnerability in Microsoft Office I discussed last week is being actively exploited. Please read that newsletter if you missed it, and consider disabling the MSDT URL Protocol if you haven't already.



Do it for yourself and also for others

A couple of weeks ago I talked about the importance of cyber security at home and at work, not just for your own protection, but to prevent the bad guys from using your devices to attack others.

Last week, CISA, NSA, and FBI issued a joint advisory: “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices detailing China’s current program of attacking big fish by using small fish:

PRC state-sponsored cyber actors readily exploit vulnerabilities to compromise unpatched network devices. Network devices, such as Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS) devices, serve as additional access points to route command and control (C2) traffic and act as midpoints to conduct network intrusions on other entities.

That's a really convoluted way of saying that Chinese hackers are exploiting known flaws in common Internet devices and using them as waystations to attack their real targets. Don't let them use you like this! If you follow the link above and scroll all the way down to the "Mitigations" section, you will see some good security advice in general, with links to specific steps to take for specific circumstances.

Of course, I’ve written before about securing your devices so please take note of these basic configuration steps, and ...

Patch All the Things!

Be safe this week! (and always 😉)

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

The Net Effect, LLC

The Net Effect is a CMMC-AB Registered Provider OrganizationRPO

Copyright 1996-2022 The Net Effect, L.L.C. All rights reserved. Read our privacy policy