March 12, 2024

Good morning, everyone!

This week’s critical vulnerabilities: Apple has released updates to fix at least four security issues, two of which are already being used in real life attacks. Included in iOS 17.4 and iOS 16.7.6, iOS 15.8.2 and iPadOS 15.8.2 as well as macOS 13.6.5 and 14.4 VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation Hikvision has announced patches for two vulnerabilities in its security management system HikCentral Professional JetBrains TeamCity on-premises software has critical fixes available for active exploits Cisco has released an update to fix a high-severity security flaw impacting its Secure Client Patch All the Things!

Last week, the Cybersecurity and Infrastructure Security Agency (CISA) announced ¹ that two systems were breached last month by attackers exploiting vulnerabilities in Ivanti products:

“This is a reminder that any organization can be affected by a cyber vulnerability and having an incident response plan in place is a necessary component of resilience.”

Boy, ain't it though? Remember the core functions of the NIST CSF? Identify, Protect, Detect, Respond, Recover (well, they added Governance in the newly-released version 2.0). Sometimes Identify and Protect aren't enough, especially in the case of a zero-day vulnerability, so you have to Detect the problem, and be able to Respond & Recover -- because you have a plan in place and everyone knows how to follow it, right?

Since the most common incident is accidentally installing malware on your computer, I'll address that.

Detect: Recognize the signs. The most common signs that you may have malware include:

• Suddenly the device is running much slower than usual
• Hard drive and/or fans start running, or running high, for no apparent reason
• Inexplicable noise (talking or music)
• A popup box that flashes and quickly disappears
• An attachment or link that won't open or appears to do nothing

Respond -- quickly. If any of these things occur, especially just after opening an email or while surfing the web (including social media apps, not just the browser), follow these steps:

1. Disconnect the device from the Internet. If it has an ethernet cable, unplug that. If it's on wireless, turn off wireless. If you can't turn it off, and if you have physical control over the wireless access point, unplug that. The important thing is to cut off the malware's connection to the Internet, and to isolate the potentially-infected device from other devices on the network. (Note: If you cannot disconnect the device, turn it off. Pull the power cable if necessary. But this only the LAST RESORT if you are unable to disconnect it, and only after step 2 below.)
2. Take a picture of the screen.
3. Send the picture to your tech support person.

Recover. As soon as the infection is cleaned up, restore data from backup. You are making regular backups, right?

Stay cyber safe this week!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺