Hello all,Merry Christmas, Kwanza, Festivus, Hanukkah, Happy Holidays, and Happy New Year! The Red-N Weekly Security newsletter is below the callouts below. Just because we are celebrating holidays does not mean that the dirt-bags out there are taking a break. Notable callouts from this week include: A DDoS attack is similar to…
Hello all, The Red-N Weekly Security newsletter is below the callouts below. Notable callouts this week include: Just like attempting to drive a car that has a hole in a tire is fraught with issues, running a computer system with an unpatched hole will eventually result in either damage to the…
Hello All, The Red-N Weekly Security newsletter is below the callouts below. Notable callouts this week include: It costs a Threat Actor almost nothing to send out several hundred thousand well-crafted phishing emails. It can cost you everything if you take the bait, bite down, and get reeled in. CISA published…
Hello all, The Red-N Weekly Security newsletter is below the callouts below. Notable callouts this week include: Also in this week’s issue are several links about cyber insurance. Remember, the second rat gets the cheese. In security, you cannot rest on your laurels. If you catch one, others are already vying…
Hello all,A few of the notable call-out’s from this week’s report (found below this introduction) are: Having up to date, monitored and effective internet security is sort of like owning a snow-blower in Buffalo NY. It doesn’t do much for you most of the time, but when you need it, boy…
Hello all, A few of the notable call-out’s from this week’s report (found below this introduction) are: I just read an interesting article that said Turkeys are notoriously difficult to hunt. They are well camouflaged and are “the smartest and wariest creatures in the woods”. This Thanksgiving, make sure your network…
A few of the notable call-out’s from this week’s report are: Research shows that criminals avoid homes that have CCTV and/or yappy dogs. Make sure that your network is being watched and has some yappy dogs running around in them. Send the criminals looking for an easier target. Praying you have…
For a PDF version of this week’s report, click here.
ConnectWise patched a critical RCE vulnerability in Recover and R1Soft Server Backup Manager Google fixes seventh Chrome zero-day exploited in attacks this year Atlassian Jira Align, Version 10.107.4 Vulnerability Advisory Apple fixes new zero-day used in attacks against iPhones, iPads, and iPods – check here for your particular version Stranger Strings:…
Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text (Text4Shell) Our new scanner for Text4Shell – Silent Signal Techblog – Scanner on Github Vulnerabilities in Cisco Identity Services Engine require your attention Heat left by users’ fingertips could help hackers crack passwords Microsoft’s out-of-date driver list left…
Microsoft October 2022 Patch Tuesday fixes two zero-days, 1 used in attacks, 84 flaws, 13 of which are critical The October 2022 Exchange SUs do not contain fixes for the zero-day vulnerabilities reported on September 29, 2022 Windows 11 KB5018427 update released with 30 bug fixes, improvements Aruba fixes critical RCE…
Fortinet warns admins to patch critical auth bypass bug immediately Updated information: Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Steam Gaming Phish Showcases Browser-in-Browser Threat ‘IT security issue’ impacts multiple hospitals across several states Microsoft investigates Windows 11 22H2 Remote Desktop issues Lloyd’s of London investigates and responds…