December 19, 2023

Good morning, everyone!

This week’s critical vulnerabilities: Apple patched everything again this past week. WordPress has released version 6.4.2 to correct a serious security issue introduced in version 6.4 of its core Sierra wireless routers have 21 vulnerabilities that need to be patched ASAP. [C]ybersecurity firm [forescout] found 86,000 vulnerable routers that are directly exposed to the internet. Only less than 10% of them appear to be patched against known vulnerabilities disclosed since 2019, and many exposed devices have reached end of life and no longer receive patches. Atlassian has released fixes for critical flaws in Jira, Confluence, Bitbucket and the Atlassian Companion app for macOS software Microsoft and Adobe released security fixes in this month's Patch Tuesday Apache released security updates for Struts 2 Sophos has released a critical fix for older firewalls Did your "automatic" updates get installed? Patch All the Things!

Once again, FBI Special Agent Kevin Parker posted some extremely useful and on-point tips for cyber safety while traveling. I'll share a few of them here, along with some of my own:

Before you leave, be sure that all your devices (phone, tablet, laptop) have the latest operating system updates and security patches. Remember, that's the single most important thing you can do to protect your devices!

Load your devices with downloads (podcasts, videos) before you go. Download map data for the places you will visit. This will make it much easier to limit your use of insecure public wifi and using cellular data when not necessary.

Don't forget to pack all your charging cables! Look for electrical outlets for charging, not public USB stations.

Protect your trip details and boarding pass. Do not post photos of your boarding pass! You'd be amazed at What’s in a Boarding Pass Barcode (hint: name, phone number, email, frequent flyer number, other PII, name of the person who booked the flight, current and future flight details and the ability to change them).

Be mindful of what you share on social media. Don't tell the whole world your house is empty for a week! Post those vacation photos after you get home. Always practice selfie awareness.

Happy Holidays, everyone! Stay safe. We'll talk again in 2024.

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Have a great week!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺