CyberSecurity Updates

It is highly recommended to make sure all systems are fully up-to-date on patching, particularly systems that are externally facing. It appears that the threat actors are exploiting an Oracle WebLogic vulnerability from 2017, dubbed CVE-2017-10271, to establish an initial foothold in the environment. Newer versions of Oracle WebLogic are no longer vulnerable to this, so upgrading to the latest version is recommended to help prevent this attack. Likewise, implementing and maintaining endpoint security controls,…

Security patches are available in the following versions: • FortiOS v.6.2.13, v.6.4.12, v.7.0.10, v.7.2.4, v.7.4.0• FortiOS-6K7K v.6.2.13, v.6.4.12, v.7.0.10• FortiProxy v.2.0.12, 7.0.9, v.7.0.9 Fortinet also advises customers to disable the HTTP/HTTPS administration interface or restrict the IP addresses that can access it as workarounds. It is recommended for organizations to implement these changes to secure administration interfaces, regardless of their vulnerability management cycle and patch deployment. https://thehackernews.com/2023/03/new-critical-flaw-in-fortios-and.html

These attacks can have severe consequences for both the affected organization and its clients or customers, as sensitive information can be leaked or lost, and operations can be disrupted.To prevent these attacks, organizations must take measures to secure their networks and train employees on how to spot and avoid phishing emails and other types of social engineering attacks. It is also essential to have a robust backup system in place so that data can be…

As IT spending on the cloud continues to grow, organizations need to make sure they’re also reviewing their security sets to ensure they can handle new, cloud-related obstacles. Source: https://www.axios.com/2023/03/07/hackers-cloud-breaches-cybersecurity?&web_view=true