What is CMMC? CMMC Update Archives CMMC Links
Security Awareness Training Public Speaking Expert Witness
Newsletters Whitepapers Articles Videos Interviews Additional Resources
Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect
[ View this email in your web browser ] [ Visit our archives ] [ Sign Up for this Newsletter ]

February 20, 2024

Good morning, everyone!

This week’s critical vulnerabilities:
  • Microsoft's latest Patch Tuesday was a big one, as usual
  • Zoom has released fixes for 7 critical vulnerabilities
  • QNAP has released fixes for two new vulnerabilities, one a zero-day
  • Canon has issued remediation guidance for vulnerabilities in multiple printer models
  • Apple and LastPass have coordinated the removal of a fraudulent app ("LassPass") intending to impersonate LastPass (password manager app) from the App Store
  • AnyDesk has confirmed a data breach and forced a password reset on 'my.anydesk.com, urging all passwords to be reset
  • Ivanti gateways are under active attack, as thousands remain vulnerable
  • JetBrains TeamCity has released a critical fix for its on-prem software

    Did your "automatic" updates get installed?

Patch All the Things!



Change Default Passwords

What is literally step #1 in my advice for securing wireless routers and other "things"? (1) Change the default admin password

Why am I talking about this? Last week the FBI took down a botnet of Ubiquiti routers controlled by Russian cyber criminals. How did they do it?

“Non-GRU cybercriminals installed the Moobot malware on Ubiquiti Edge OS routers that still used publicly known default administrator passwords. GRU hackers then used the Moobot malware to install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform,” the agency said.

Can I say this one more time? Please, secure your stuff! so the bad guys can't use it to attack others.

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Have a great week!

Glenda R. Snodgrass

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!



Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

Site Map

Home
Employee Training
Security Awareness Training
Public Speaking
Expert Witness
Workshops
About

Resources


CMMC
Newsletter
Whitepapers
Articles
Videos
Interviews

The Net Effect, LLC

Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy