What is CMMC? CMMC Update Archives CMMC Links
Security Awareness Training Public Speaking Expert Witness
Newsletters Whitepapers Articles Videos Interviews Additional Resources
Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect
[ View this email in your web browser ] [ Visit our archives ] [ Sign Up for this Newsletter ]

September 20, 2022

Good morning, everyone!

This week’s critical vulnerabilities:

  • Apple released another set of critical fixes for zero-day vulnerabilities. Update to iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6 and macOS Big Sur 11.7
  • Microsoft released more than 60+ critical fixes last Patch Tuesday
  • Cisco released critical security fixes for some models, but will not be releasing patches for the RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router because they have reached end of life and must be replaced
  • BackupBuddy for WordPress released an update to fix vulnerabilties currently being exploited
  • FishPig recommends that users reinstall or update extensions to its eCommerce software
  • Mitel MiVoice Connect VoIP appliances are under active attack via an exploit for which a patch was released in July
  • Vulnerabilities in EZVIZ smart cameras have been identified and patches are available

Patch all the things!



Quote of the Week

In the article referenced above on the Mitel attacks, I found a true golden nugget:

The increased targeting of VoIP appliances "will force organizations to treat all hackable devices the same from an InfoSec perspective," IoT security shop Viakoo's CEO Bud Broomhead told The Register.

"A device not being part of IT is no reason to treat it differently from a cyber perspective. Unless a device is given an official exemption, it should be held to the same patching, password, and security standard as servers or networking devices."

Three Good Questions

A professional colleague I haven't seen in some time sent me this email last week asking three good questions:

How can I mitigate hacking on my home WiFi? Should I add extra protection (passcode) to my financial service providers’ accounts? What virus protection do you recommend?

What great questions! In fact, I talk about two of these subjects on a regular basis.

As for antivirus, I don't recommend any particular products, but I suggest reading PCMagazine's periodic reviews for guidance.

Share this with your friends, family and co-workers! If my friend has these questions burning in his mind, I'm sure many of your friends are in the same boat. (HINT: tell them to sign up for this newsletter!)

Have a great week!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

Site Map

Home
Employee Training
Security Awareness Training
Public Speaking
Expert Witness
Workshops
About

Resources


CMMC
Newsletter
Whitepapers
Articles
Videos
Interviews

The Net Effect, LLC

Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy