November 2017 News and Updates

Cyber Tech Cafe


Updates

News
  • Mailing List – We’re excited to announce that the mailing list is back up and running.  We generally only send emails once per month (the News and Updates), so it’s a low volume list.  We have a sign-up form on the right-column of our website if you’d like to sign up.
  • Holiday Schedule – Please be sure to check out our 2017 holiday schedule here.  If you have projects that you’d like to complete by year end, please let us know as soon as possible.
  • MyIT – We are working on some exciting changes to the MyIT Options, including updates to the Network Ninja, for 2018 that we hope to announce in the December newsletter.

Executive Summary – Critical vulnerabilities were patched by Microsoft and Adobe this month, many of which are remotely exploitable and a number of vulnerabilities in Microsoft products have exploit code available.  Organizations are encouraged to patch external facing systems immediately and internal-only systems as soon as possible.

MicrosoftMicrosoft – Microsoft patched 53 vulnerabilities in the November Patch Tuesday release, patching 25 remote code execution vulnerabilities.  Twenty of the vulnerabilities are rated critical.  Four of the vulnerabilities have exploit code publicly available (though Qualsys indicated yesterday that there’s no indication of active attack campaigns against them yet).  ThreatPost has an excellent write-up with additional details on the vulnerabilities as well as CVE’s here.

Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critcial, it’s important that the updates are installed.

Additional details are available Here and Here.


AdobeAdobe – Adobe released APSB17-33 through APSB17-41, patching more than 60 vulnerabilities in Acrobat, Reader and Flash, many of which are rated critical and are cross platform (Windows, Mac, Linux and Chrome OS).  Additional updates for Photoshop CC, Connect, DNG Converter, InDesign and more were also released.  There is an excellent write-up by ThreatPost with additional details and CVEs for specific vulnerabilities here.

Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).

Additional details are available from Adobe Here and Here including links to download the update(s) and instructions for installation.


JavaJava / Oracle – The latest update for Java is Version 8 Update 151, released on 17 October 2017.

Java is a tool that’s widely used by banks, online service providers and even security companies for SSL VPN connections. Java’s ‘official’ release cycle is approximately quarterly but Java updates have been ‘fast and furious’ in recent months. It’s worth noting again that, if you don’t absolutely need Java on your computer, it’s not a bad idea to remove it altogether.

Additional details are available from Oracle here.


Piratica

Security News, Sponsored by Piratica – An ongoing problem that we see is organizations continuing to expose vulnerable services (SMB v1 with WannaCry, known vulnerable Apache Struts with Equifax, etc.), giving attackers an attack surface that’s both broad and wide. In many cases, these companies don’t even realize a) that they’re exposing these services or that b) they’re a security risk. As an example, at the time of publishing, more than 591,000 hosts in the US alone are exposing RDP (which requires only a username and password and, in many cases, the username is already filled in). Through the end of the year, Piratica is offering one free vulnerability scan for organizations to help identify these exposed hosts and hopefully minimize the available attack surfaces for attackers. If you would like more information or would like to request a free vulnerability scan for your organization, complete the request form here (https://www.piratica.us/index.php/free-vulnerability-scan/) .

Piratica is a risk management firm. We work with client organizations to help them identify and understand the risks to their organizations from cyber criminals. We believe that the first step in any solution is to correctly and completely identify the problem. Additional information is available on our website, Facebook and Twitter or via our free weekly email newsletter (signup available on our website here).

These updates will be automatically reviewed, approved and installed for MyIT Customers. If you would like more information about the Cyber Tech Cafe MyIT services for your business, please let us know. The Cyber Tech Cafe MyIT services are availalbe in three different levels (Bronze, Silver and Gold) and can provide updates only (Bronze), updates and proactive network auditing and monitoring (Silver) or updates, proactive auditing and monitoring and up to 10 hours of priority support at a significantly discounted rate (Gold). Pricing is based on the number of physical locations, servers and workstations that you have.