Computer Safety & News

Apple is a key hardware & software vendor for many organizations & several products have had recent security updates.

Apple Releases Security Updates | CISA

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates.

• • MacOS Big Sur 11.5
  • Security Update 2021-004 Catalina
  • Security Update 2021-005 Mojave
  • iPadOS 14.7

Cybersecurity threats for industrial control systems (ICS) have increased in 2021 & history of major incidents share importance of safeguarding these national & local resources.

Significant Historical Cyber-Intrusion Campaigns Targeting ICS | CISA

To raise awareness of the risks to—and improve the cyber protection of—critical infrastructure, CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory as well as updates to five alerts and advisories. These alerts and advisories contain information on historical cyber-intrusion campaigns that have targeted ICS:

• • Joint CISA-FBI Cybersecurity Advisory (CSA): AA21-201A: Gas Pipeline Intrusion Campaign, 2011-2013 Note: CISA released the initial version of this publication to affected stakeholders in 2012.
  • ICS Joint Security Awareness Report: JSAR-12-241-01B: Shamoon/DistTrack Malware (Update B)
  • ICS Advisory: ICSA-14-178-01: ICS Focused Malware – Havex
  • ICS Alert: ICS-ALERT-14-281-01E: Ongoing Sophisticated Malware Campaign Compromising ICS (Update E)
  • ICS Alert: IR-ALERT-H-16-056-01: Cyber-Attack Against Ukrainian Critical Infrastructure
  • Technical Alert: TA17-163A: CrashOverride Malware

CISA urges critical infrastructure owners and operators to review the publications listed above and apply the mitigations in Joint CISA-FBI CSA AA21-201A: Gas Pipeline Intrusion Campaign, 2011-2013. CISA also encourages owners and operators to review AR-17-20045: Enhanced Analysis of Malicious Cyber Activity.

Oracle is a key data base & application development vendor for many organizations & several products have had recent security updates.

Oracle Releases July 2021 Critical Patch Update | CISA

Oracle Critical Patch Update Advisory – July 2021

This Critical Patch Update contains 342 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at July 2021 Critical Patch Update: Executive Summary and Analysis.

Cisco is a key network & security vendor for many organizations & several products have had recent security updates.

Cisco Releases Security Updates | CISA

Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability

Cisco has released security updates to address a vulnerability in Adaptive Security Appliance Software Release 9.16.1 and Firepower Threat Defense Software Release 7.0.0. A remote attacker could exploit this vulnerability to cause a denial of service condition. CISA encourages users and administrators to review Cisco Advisory cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC and apply the necessary updates.

The Harvard Business shares effective new tactics to better work remotely based on changes caused by the pandemic. 

9 Tactics for Better Remote Negotiations (hbr.org)

COVID-19 has changed the way companies should negotiate. Today all traditional deal terms are up for grabs and it behooves negotiators to carefully reevaluate their assumptions, assess their industries, prioritize their asks, and involve key stakeholders more deeply than ever before. Success also depends on understanding how to negotiate virtually, since many negotiations will continue to be performed remotely even after pandemic restrictions have receded.

Putting the New Tools to Work — Critically, today’s negotiators also need to use online tools effectively to take advantage of this moment. Here is our advice for enhancing your negotiation prowess in the digital domain:

1. Assemble a detailed agenda.
2. Schedule shorter, more frequent meetings.
3. Test-drive remote video technology.
4. Start with a personal check-in.
5. Consider privacy.
6. Create breakout rooms during breaks.
7. Send a summary of the session.

CISA & SonicWall are warning of ransomware attacks on outdated & unpatched equipment firmware that is at “end of life” for vendor support

Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products | CISA

Urgent Security Notice: Critical Risk to Unpatched End-of-Life SRA & SMA 8.x Remote Access Devices | SonicWall

CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Threat actors can exploit this vulnerability to initiate a targeted ransomware attack.

CISA encourages users and administrators to review the SonicWall security advisory and upgrade to the newest firmware or disconnect EOL appliances as soon as possible. Review the CISA Bad Practices webpage to learn more about bad cybersecurity practices, such as using EOL software, that are especially dangerous for organizations supporting designated Critical Infrastructure or National Critical Functions.

As security researchers address the PrintNightmare the focus on this Windows subsystem has led to discovery of another vulnerability — that is less dangerous as local access to network is needed — but it still needs to be watched/addressed until full patch emerges.

New Windows Print Spooler Vulnerability – CVE-2021-34481 (sans.edu)

A new, unpatched, vulnerability has been discovered in the Windows Print Spooler and is being tracked under CVE-2021-34481.  Discovered by Jacob Baines at Dragos, this one requires local access, so it is less of a nightmare than PrintNightmare, but unfortunately the result of exploitation is SYSTEM level privileges.  Unfortunately, the workaround is the same; Stop and disable the Print Spooler service, which, of course, will disable the ability to print, both locally, and remotely.  It appears that Jacob will not be providing more details until Def Con.

Microsoft Launching New ‘Windows 365’ VDI Service Next Month — Redmondmag.com

Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC | Microsoft 365 Blog

Microsoft on Wednesday announced a new virtual desktop infrastructure (VDI) service for business users called “Windows 365,” enabling remote access to Windows 10 or Windows 11 desktops and applications.  Windows 11, Microsoft’s newest client operating system, was introduced as a preview release last month. It’s expected to see commercial release “later this year.”

CISA has created a new comprehensive website for Ransomware information & prevention

New StopRansomware.gov website – The U.S. Government’s One-Stop Location to Stop Ransomware | CISA

Stop Ransomware | CISA

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. This website is the U.S. Government’s official one-stop location for resources to tackle ransomware more effectively.

SAP is a leading app hosting platform & security updates have been recently issued

SAP Releases July 2021 Security Updates | CISA

SAP Security Patch Day – July 2021 – Product Security Response at SAP – Community Wiki

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary updates.