This month has seen an unprecedented number of security disclosures! Not all of them apply to everybody and some are more actionable, so I will break them down into what you need to know for your business and discuss the broadest and most actionable items at the top.
Microsoft, Adobe and Mozilla have all released critical security patches as part of their monthly patch cycle. These patches are labeled critical and should be applied as a priority.
Authy Data Breach and Apple ID Smishing attacks. If any of your users/staff use Authy, last week Twillo disclosed a data breach that included 33 million verified Authy user phone numbers. The risk is that attackers can use this information to target victims and use pretexting to help gain trust and access to their systems. Pretexting is when an attacker uses knowledge about the victim to establish credibility and trust to trick them into taking action.
Apple has also warned that iPhone users are being targeted in a broad smishing campaign (phishing sms text messages) attempting to trick victims into granting access to their Apple ID accounts.
- Take Action: Notify your users who use Authy and iPhones to be extra vigilant and to ignore unsolicited emails, phone calls, or text messages purportedly from Authy or Apple/iCloud support asking for personal information or urging you to click links or download files.
TeamViewer reported that their corporate networks were breached and that the attackers were able to access critical systems and information that has the potential for impacting their product security. If you have TeamViewer in use in your networks and systems, you’re at a heightened risk if the TeamViewer remote support product becomes compromised. We do not recommend using the TeamViewer product if it can be avoided.
OpenSSH is in an important component that allows for secure remote administration of Linux and other systems including some firewalls. It was disclosed that some versions of the protocol have a security vulnerability that could allow an attacker access to impacted systems.
RADIUS is an important authentication protocol primarily used for VPN, network and wireless authentication. It was disclosed that some versions of the protocol have a security vulnerability that could allow an attacker to steal credentials and compromise systems.
What do I need to do?
Organizations that have Authy and Apple Mobile phone users should be provided the guidance to users outlined above labeled Take Action.
Users who want to or need to install patches manually can follow the following actions:
- Updates can be manually installed for Windows and MacOS systems by following the directions below:
- Users should check for and install updates for all Apple IOS devices.
- Update Mozilla Firefox: https://support.mozilla.org/en-US/kb/update-firefox-latest-release
- Update Adobe Acrobat: https://helpx.adobe.com/acrobat/kb/install-updates-reader-acrobat.html
- Update Google Chrome: https://support.google.com/chrome/answer/95414
Additional Resources and Details:
- Apple Smishing – https://www.broadcom.com/support/security-center/protection-bulletin/apple-ids-targeted-in-us-smishing-campaign
- Apple Guidance – https://support.apple.com/en-us/102568
- Pretexting Definition – https://blog.knowbe4.com/pretexting-defined
- OpenSSH – https://www.scmagazine.com/news/cisco-warns-of-appliances-vulnerable-to-regresshion-vulnerability
- OpenSSH – https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html
- RADIUS – https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
- TeamViewer – https://thehackernews.com/2024/06/teamviewer-detects-security-breach-in.html
- Authy – https://www.securityweek.com/twilio-confirms-data-breach-after-hackers-leak-33m-authy-user-phone-numbers/
- Apple ID/iCloud – https://www.broadcom.com/support/security-center/protection-bulletin/apple-ids-targeted-in-us-smishing-campaign
0 Comments