by Scott Muniz | Sep 16, 2021 | Security, Technology
This article is contributed. See the original author and article here.
(Updated, September 17)
On September 16, 2021, Microsoft released additional guidance on Open Management Infrastructure (OMI) vulnerabilities—CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647—which impact Azure VM Management Extensions. According to Microsoft, “[c]ustomers must update vulnerable extensions for their Cloud and On-Premises deployments as the updates become available…”
CISA encourages organizations to review Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions for more information and to:
- ensure automatic updates are applied
- ensure manual updates are applied, as patches are made available
- restrict external access to Linux systems that expose OMI ports (TCP 5985, 5986, and 1270)
(Original, September 16)
Microsoft has released an update to address a remote code execution vulnerability—CVE-2021-38647—in Azure Linux Open Management Infrastructure (OMI). An attacker could use this vulnerability to take control of an affected system.
CISA encourages users and administrators to review the Microsoft Security Advisory to apply the necessary update.
by Scott Muniz | Sep 14, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates.
by Scott Muniz | Sep 14, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Google has released Chrome version 93.0.4577.82 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.
by Scott Muniz | Sep 13, 2021 | Security, Technology
This article is contributed. See the original author and article here.
CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation:
- Oct. 6 – Assembly Required: The Pieces of the Vulnerability Management Ecosystem
- Oct. 13 – Collaborating for the Collective Defense
- Oct. 20 – Team Awesome: The Cyber Workforce
- Oct. 27 – The Cyber/Physical Convergence
Register for this free summit and read more about the presentations at CISA.gov/cybersummit2021.
by Scott Muniz | Sep 13, 2021 | Security
This article was originally posted by the FTC. See the original article here.
Looking for love on LGBTQ+ dating apps? Scammers are at the ready too.
We’re hearing about scams targeting people on LGBTQ+ dating apps, like Grindr and Feeld. And they aren’t your typical I-love-you, please-send-money romance scams. They’re extortion scams.
They usually work something like this: a scammer poses as a potential romantic partner on an LGBTQ+ dating app, chats with you, quickly sends explicit photos, and asks for similar photos in return. If you send photos, the blackmail begins. They threaten to share your conversation and photos with your friends, family, or employer unless you pay — usually by gift card. To make their threats more credible, these scammers will tell you the names of exactly who they plan to contact if you don’t pay up. This is information scammers can find online by using your phone number or your social media profile.
Other scammers threaten people who are “closeted” or not yet fully “out” as LGBTQ+. They may pressure you to pay up or be outed, claiming they’ll “ruin your life” by exposing explicit photos or conversations.
Whatever their angle, they’re after one thing — your money.
If you’re looking for love on dating apps, here are some ways to avoid these scams:
- Check out who you’re talking to. Do a reverse image search of the person’ profile picture to see if it’s associated with another name or with details that don’t match up – those are signs of a scam.
- Don’t share personal information with someone you just met on a dating app. That includes your cell phone number, email address, and social media profile.
- Don’t pay scammers to destroy photos or conversations. There’s no guarantee they’ll do it.
In fact, the FBI advises against paying extortion demands, which could support criminal activity.
And remember that, once you share photos, you can’t take them back.
If you think someone is trying to extort you:
Are you under 25 and looking to connect with a counselor at an LGBTQ+ organization about what happened? Reach out to The Trevor Project. They have free counselors, available 24/7, who can talk to you through their phone, chat and text services.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
Recent Comments