Skype Phishing Attack Targets Remote Workers’ Passwords

This is yet another example of the cybercriminal bad guys taking advantage of a crisis situation and attempting to catch us with our collective guards down.  I know many in the business world are now nearly completely reliant upon Skype, Teams, WebEx, and Zoom to function on a daily basis, but that need to stay connected cannot supersede the sound security practices that protect data and keep us safe.

Remember this simple truth: if you get an email message regarding an issue with an online service or tool, stop and don't click any email links. Go directly to the website you know and trust from a browser. Any messages or alerts sent via email will be there on the website waiting for you. President Reagan's mantra is applicable and not cliché: trust, but verify.

https://threatpost.com/skype-phishing-attack-targets-remote-workers-passwords/155068/

Patch Tuesday – Zero Days and Plenty of Fixes

Please take a moment to review these reference articles, evaluate your environments and patch accordingly.  Be aware that several vulnerabilities addressed in this round of Patch Tuesday updates have potentially active exploits in the wild.

https://www.infosecurity-magazine.com/news/two-zerodays-fixed-in-this-months/

https://nakedsecurity.sophos.com/2019/07/10/two-zero-days-and-15-critical-flaws-fixed-in-julys-patch-tuesday/

https://krebsonsecurity.com/2019/07/patch-tuesday-lowdown-july-2019-edition/

Microsoft Urges Azure Customers to Patch Exim Worm

This situation is a great example of the importance of patch and firmware management. Just because a system is hosted in the cloud does not mean that you are not responsible for part, if not all, of the patch and firmware oversight. Pay close attention to your service level agreements and other cloud services documentation.

If you are using these particular Azure services from Microsoft, please review this content and patch accordingly.

https://www.infosecurity-magazine.com/news/microsoft-urges-azure-customers-to-1/

https://threatpost.com/microsoft-pushes-azure-users-to-patch-linux-systems/145749/

Microsoft’s June 2019 Patch Tuesday fixes many of SandboxEscaper’s zero-days

It’s that time again when we all get to evaluate our PC and server environments and kick off our monthly patching processes.  Please take a look at the changes this month and patch accordingly.  And please don’t forget your at-home devices.  Patching is not just a business process.  All computers and workstations and laptops need to be patched and updated on a regular basis.

https://www.zdnet.com/article/microsofts-june-2019-patch-tuesday-fixes-many-of-sandboxescapers-zero-days/

https://krebsonsecurity.com/2019/06/microsoft-patch-tuesday-june-2019-edition/

Microsoft Confirms Intent To Replace Windows 10 Passwords For 800 Million Users

Our ability to securely move beyond passwords as the singular trusted authentication mechanism has been here for some time, but the concept and related technology have lacked traction. I am excited to see Microsoft continue to endorse and partner with the FIDO Alliance to bring forward secure, alternative authentication options to the masses.

Please remember that even the best Microsoft Hello option is still often a single authentication factor.  For sensitive system access, multi-factor authentication is still the safest, most effective approach to authentication.

https://www.forbes.com/sites/daveywinder/2019/05/11/microsoft-confirms-intent-to-replace-windows-10-passwords-for-800-million-users/#6c2d97324a83

Patch Your Microsoft Windows and Office: Fortinet Discovers Three Zero-Day Remote Code Execution Vulnerabilities

The Patch Tuesday cycle has begun once again and the team at Fortinet has announced some of the conditions surrounding several of the Windows and Office related patches that have been released by Microsoft.  Please review your environments and patch your systems accordingly.

https://www.fortinet.com/blog/threat-research/microsoft-windows-office-zeroday-remote-code-vulnerabilities.html

The Highs and Lows of Patch Tuesday

We face quite a bit of patching work this week. Microsoft has released numerous patches addressing multiple vulnerabilities, including some fairly serious issues with DHCP. Cisco has released several patches, including a specific patch addressing a "default password" vulnerability in CSPC, the platform collector for device management. Adobe has also released multiple patches across its application suites, including some patches specific to Photoshop. To pile on a little more, WordPress has released version 5.1.1 to address possible unauthenticated code execution flaws.

All of these updates and patches come on the heels of the recent Google Chrome update that so many had to address immediately due to “in the wild” exploits.

Please review your environments, including your third-party applications and web server platforms, and patch accordingly.

https://www.securityweek.com/adobe-patches-flaws-sandbox-photoshop-digital-editions

https://nakedsecurity.sophos.com/2019/03/14/update-now-microsofts-march-2019-patch-tuesday-is-here/

https://www.securityweek.com/wordpress-511-patches-remote-code-execution-vulnerability

https://threatpost.com/cisco-patches-critical-default-password-bug/142814/