02 Jun 2022
Just a few weeks ago, we asked how many more patch Tuesdays we had left before pieces of the cookie began to crumble a bit. Microsoft answered the question by issuing an out-of-band update after one of their recent patches failed and left users unable to authenticate.
For this specific situation, you must manually download the out-of-band update. You can find the update for your Windows version at the Microsoft Update Catalog.
We often talk to businesses who don’t prioritize good cyber hygiene, and generally have little understanding of how the Internet actually works. To say that it’s time to take Cybersecurity seriously is an understatement, and as that line was just typed there were thousands of attempts on American Critical Infrastructure.
All of us who participate in the network that is the Internet have a joint interest in keeping it secure. Additionally, those of us who live in the USA have a vested interest in protecting the nation’s Critical Infrastructure.
It seems a bit backwards to wait for another disaster such as the Colonial Pipeline attack. It also seems logical to reason that there likely are vulnerabilities already hiding in many organizations’ infrastructure. Hackers need dwell time, and each day we do nothing is giving them just that.
It’s not hard to find a new entry point. The Internet is called Cyber Space for a reason: it’s full of potential pathways. Bug hunters find new zero-day threats all the time, and the ones that were found last month didn’t just go away.
Just because you walked into the office today and didn’t see a ransomware screen demanding payment to decrypt your systems doesn’t mean your network is free of already-established risk. It just means that whatever risks may be lurking have yet to be exploited, and that is the perfect time to tighten your defenses before a clean-up crew is the only option.
Hear Colonial Pipeline’s CEO Testify About Insufficient Cybersecurity Protections
Here’s a list of the major updates and patches from just this week:
Apple iOS & iPadOS 15.5 updates fix 34 vulnerabilities, including Kernel flaws
Apple AVD flaw allows an app to execute code with Kernel privileges
Microsoft Windows patch (which failed) fixed 75 vulnerabilities
Firefox ESR 91.9.1
Android patches fix 36 vulnerabilities including privilege escalation bug in Linux Kernel
Qualcomm components of Android
MediaTek components of Android
Chrome 102 fixes 32 issues including DevTools, UI foundations, and user education function
Cisco Enterprise NFV Infrastructure
Nvidia GPU display driver includes 10 vulnerabilities including Kernel on Windows & Linux
Zoom update fixes a vulnerability that allows attackers to connect users to a malicious server
VMware patches fix privilege escalation and authentication bypass
VMware says the patches must be applied immediately as “the ramifications are serious.” Particularly alarming to us is how many times the word “Kernel” is used in the list of known vulnerabilities. In a nutshell, it pretty much doesn’t get any worse than a Kernel-level exploit. If the device is a body, the Kernel is the heart.
AT&T recently launched a drone called COW (Cell On Wings) that blankets an area in 5G signal, and is experimenting with keeping it in the air for months without landing by harnessing solar power. These days there’s no shortage of important people and various countries launching Global Satellite Internet systems. This helps to paint the picture of the emerging connectivity of the Internet-of-Things, and a simple reverse engineering of that concept reminds us that malware also benefits from the increasing connectivity. We’ve really all got to secure our own Cyber Space so that the coming connectivity is a positive experience for all of us. Building a castle on a shaky foundation is only good for the shaky foundation, which eventually consumes the castle when it collapses.
Please take patches and updates seriously, and consider a risk assessment to see what the current situation of your network is. It’s not true that what you don’t know can’t hurt you; it just adds insult to injury by surprising you. Be the first to know the state of your network, and just remember: as G.I. Joe correctly stated, knowing is half the battle.
The other half is taking actionable intelligence and using your tools strategically. This is a good time to remind our readers that Extended Detection & Response (XDR) is the smart AI-Driven pathway forward, as all of this is a whole lot for the human mind to stay ahead of. As always, we are here to help. Feel free to reply with questions, or to talk about fortifying your online presence with XDR-centric Cybersecurity.