A vulnerability has been discovered in Zoho Desktop Central and Desktop Central MSP that could allow for authentication bypass. Zoho Desktop Central and Desktop Central MSP are unified endpoint management (UEM) solution that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location. It allows admins to deploy patches and software over the network and troubleshoot them remotely. Successful exploitation of this vulnerability could allow for a remote user to perform unauthorized actions on a server including access to unauthorized data or the ability the write an arbitrary zip file.
Daily Archives: January 18, 2022
Oracle Quarterly Critical Patches Issued January 18, 2022
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution
How to Protect Your Social Media Accounts
Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you can protect your social media accounts from hacks and attacks.
Beyond the sheer number of people who’re on social media, there’s also the amount of time we spend on it. People worldwide spend an average of 145 minutes a day on social media. With users in the U.S. spending just over two hours on social media a day and users in the Philippines spending nearly four hours a day, that figure can vary widely. Yet it’s safe to say that a good portion of our day features time scrolling and thumbing through our social media feeds.
Given how much we enjoy and rely on social media, now’s a fine time to give your social media settings and habits a closer look so that you can get the most out of it with less fuss and worry. Whether you’re using Facebook, Instagram, TikTok, or whatnot, here are several things you can do that can help keep you safe and secure out there:
1. Set strong, unique passwords
Passwords mark square one in your protection, with strong and unique passwords across all your accounts forming primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one.
2. Go private
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy.
3. Say “no” to strangers bearing friend requests
Be critical of the invitations you receive. Out-and-out strangers could be more than just a stranger, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests.
4. Think twice before checking in
Nothing says “there’s nobody at home right now” like that post of you on vacation or sharing your location while you’re out on the town. In effect, such posts announce your whereabouts to a broad audience of followers (even a global audience, if you’re not posting privately, as called out above). Consider sharing photos and stories of your adventures once you’ve returned.
5. The internet is forever
It’s a famous saying for a reason. Whether your profile is set to private or if you are using an app with “disappearing” messages and posts (like Snapchat), what you post can indeed be saved and shared again. It’s as simple as taking a screenshot. If you don’t want it out there, forever or otherwise, simply don’t post it.
6. Watch out for phishing scams
We’re increasingly accustomed to the warnings about phishing emails, yet phishing attacks happen plenty on social media. The same rules apply. Don’t follow any links you get from strangers by way of instant or direct messengers. And keep your personal information close. Don’t pass out your email, address, or other info as well. Even those so-called “quiz” posts and websites can be ruses designed to steal bits and pieces of personal info that can be used as the basis of an attack.
7. Also keep an eye out for scams of all kinds
Sadly, social media can also be a place where people pull a fast one. Get-rich-quick schemes, romance cons, and all kinds of imposters can set up shop in ads, posts, and even direct messages—typically designed to separate you from your personal information, money, or both. This is an entire topic to itself, and you can learn plenty more about quizzes and other identity theft scams to avoid on social media.
8. Review your tags
Some platforms such as Facebook allow users to review posts that are tagged with their profile names. Check your account settings and give yourself the highest degree of control over how and where your tags are used by others. This will help keep you aware of where you’re being mentioned by others and in what way.
9. Protect yourself and your devices
Security software can protect you from clicking on malicious links while on social media while steering you clear of other threats like viruses, ransomware, and phishing attacks. It can look out for you as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other personal information. With identity theft a rather commonplace occurrence today, security software is really a must.
10. Check your Protection Score and see how safe you are
Now you can point to a number that shows you just how safe you are with our Protection Score. It’s an industry first, and it works by taking stock of your overall security and grading it on a scale of 0 to 1,000. From there, it calls out any weak spots and then walks you through the steps to shore it up with personalized guidance. This way, you’re always in the know about your security, privacy, and personal identity on social media and practically wherever else your travels take you online.
The post How to Protect Your Social Media Accounts appeared first on McAfee Blogs.
Oracle Critical Patch Update Advisory – January 2022
McAfee Wins Product of the Year for Best Online Protection
You can feel even more confident that you’ll enjoy life online with us at your side. AV-Comparatives has awarded McAfee as its 2021 Product of the Year.
McAfee makes staying safe simple, and now this endorsement by an independent lab says we protect you best.
Over the course of 2021, AV-Comparatives subjected 17 different online protection products to a series of rigorous tests. Their labs investigated each product’s ability to protect against real-world Internet threats, such as thousands of emerging malicious programs and advanced targeted attacks, along with the ability to provide protection without slowing down the computer.
McAfee topped the field, taking home the award for AV-Comparatives’ Product of the Year thanks to our highest overall scores across the seven different testing periods throughout the year. McAfee further took a Gold Award for the Malware Protection Test, in addition to recognition for its clean, modern, and touch-friendly design and for the way that McAfee Firewall coordinates perfectly with Windows.
“We’re honored by the recognition,” says Chief Technology Officer, Steve Grobman. “The strong reputation that AV-Comparatives carries in the industry cements our place as a leader in online protection.” He goes on to say, “Our work continues. The internet is evolving to be integral to every part of our lives. This creates new opportunities for cyber criminals and drives the evolution of the threat landscape. McAfee is committed to staying one step ahead of these sophisticated threats, ensuring customers can safely utilize the full value of our online world.”
Read the full AV-Comparatives annual report and protect yourself and your family with the year’s top-rated antivirus. Give it a look for yourself with a free 30-day trial of McAfee Total Protection, which includes McAfee’s award-winning anti-malware technology plus identity monitoring, Secure VPN, and safe browsing for an all-in-one online protection.
The post McAfee Wins Product of the Year for Best Online Protection appeared first on McAfee Blogs.
UK Government to Launch PR Campaign Undermining End-to-End Encryption
Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” rhetoric we’re seeing in this current wave of the crypto wars. The technical eavesdropping mechanisms have shifted to client-side scanning, which won’t actually help — but since that’s not really the point, it’s not argued on its merits.
When It comes to Cybersecurity – An ounce of prevention
Benjamin Franklin advised fire-threatened Philadelphians in 1736 that, “An ounce of prevention is worth a pound of cure. Clearly, preventing fires is better than fighting them……”
So, to what extent are we able to protect ourselves from Cybersecurity events? With the alphabet soup of acronyms out there such as NIST, ISO, SOC, CISA, DevSecOps, etc…… protecting your business from Cybersecurity threats can be overwhelming. Making Cybersecurity a priority can save your business down the road.
Threat Actors, once in, may lay dormant for months much like a human virus. The hacker with the persistent access in place will sit in the background infecting as much as possible and gathering as much data as they can. Like a cold, you may feel fine, but you’ll notice things are off a bit. You get tired easier; seem a little sluggish.
The same symptoms will occur in your IT environment as the malware spreads downloading data and expanding across your global network corrupting backups and leaving little options. Once the actor has embedded themselves, they will strike. Ransomware and stolen customer data can put an enterprise out of business for months.
Social engineering
Social engineering is the most prevalent way threat actors find their way into your environment. Disguising themselves as legitimate web sites, email, and customer service entities they depend on people’s kindness, willingness to help and urgency to resolve perceived threats/problems. Training your employees on recognizing these threats is both simple and critical in preventing an intrusion.
Verifying the URL on a link is the quickest and easiest way to determine validity. The safest bet; is if you don’t know who sent it don’t click it. Look up the phone number for the company on an independent site and call them to verify the request. Do not use the number that was embedded in the email. Many businesses or government entities will never call or email you. Getting an unexpected call from the Social Security administration or the IRS will never happen. Instead, they will use traditional mail.
Network design and architecture
Architecting a robust network with multiple layers of firewall protection, redundant pathways for both external and internal and isolating critical data is paramount in limiting the damage done by a threat actor. In the first layer all client data should be completely isolated from external facing equipment. Access to these environment’s should be heavily restricted to a limited number of people and applications.
The next layer is the application layer and should be divided into those applications accessing the data and those processing it. Lastly is the customer facing layers. These will sit on the public internet or companies’ intranet and be most exposed to threats. Utilizing a simple three-layer approach can prevent most leakage points from being exposed. More complex architectures may be needed depending on the industry or the data.
Asset inventory/patches
All assets on the network must be identified and tracked. Assets that are not in the inventory or patched can be Trojan horses themselves. Sitting on the network these assets are easy targets for Threat Actors. Knowing the age of the assets and patch levels is critical. Older assets may be out of maintenance; therefore, they may no longer have patches available and can be easily exploited.
Newer assets may sit unpatched due to the application utilizing them not being able to support the most recent patches. These machines must be isolated and scrutinized more closely. Lastly, having an active patching process of N-1 or better as well as subscribing to the latest threat alerts with your vendors is paramount to making sure you are safely secured.
Backups
Backups of data and applications are necessary to restoring your operations in the event of a ransomware or other intrusions. Since Threat Actors may have been lurking in your environment for months prior to being identified, your backups may be corrupted. If this occurs, once you restore, the Threat Actor will simply shut you down again. It’s imperative to keep the restoration environment isolated until you can scan all restored systems and verify that they are clean prior to going back online.
Budgets
Some intrusions occur due to carelessness or lack of processes and procedures. In others, it is a lack of budgetary foresight creating cyber risk. Technology debt occurs quickly when finances are tight, and decisions are made to put off upgrades and maintenance to save money. “We’ll take care of it next year when things are better”, so they say.
One year quickly becomes three. As long as mission critical applications are functioning as expected, long range planning for them are overlooked. Proper budgetary planning for equipment maintenance & replacements, software patching and application upgrades are an imperative. It must be an integral part of every company’s financial planning process.
Preparedness
Just like with home protection; running fire drills, having home escape plans, regularly testing your security system and maintaining your smoke detectors; you need to do the same with your IT environments. Have a certified third party review your infrastructure and application architecture to ensure it has solid protective layers in place and all sensitive data is isolated. Conduct a review of all security policies, procedures, and training.
Run external and internal penetration tests to see if any holes exist and quickly execute remediation plans. Have a ransomware playbook in place and run preparedness drills. Regularly scan your backups for known malware. Maintain an active asset inventory list and perform quarterly audits of move, adds and changes to ensure nothing is on the network that shouldn’t be there.
An ounce of prevention
Even with proper grounding, installing smoke detectors, and sprinkler systems; fires still occur. Setting up and maintaining safety and security measures ensures that damage is avoided, minimized, and contained.
To the Threat Actor, data theft, ransomware, and denial of service attacks are a very profitable game. They are patient and will continue to probe until they find a way in. Companies that have fallen behind with updates and upgrades will become easy marks. As an IT leader you must stay one step ahead of them with proper planning and maintenance of your total environment.
Collective resilience: Why CISOs are embracing a new culture of openness
Security exec Chad Kliewer had heard the initial reports of the SolarWinds attack as news about it broke in December 2020, sympathetic to those companies first named as victims of the hack.
To read this article in full, please click here
(Insider Story)
Three recent events prove the need for an insider risk playbook
Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push aside their NDAs and in-place IT data handling processes and procedures to knowingly abscond with sensitive data.
Three recent incidents underscore the importance of having an insider risk management playbook:
Ubiquiti’s insider risk mitigation plan pays off
Malicious insider Nikolas Sharp of Ubiquiti stole his company’s data and then attempted to maneuver the post-investigation efforts away from his own actions and to extort from his employer $2 million. While the Ubiquiti team did not stop the exfiltration of the data, once an anomalous activity was discovered, they executed on their mitigation plan, and eventually brought in the FBI to address the criminal aspects of their insider incident.
Critical Patches Issued for Microsoft Products, May 11, 2021
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.