A weekly recap of pertinent security events you need to be aware of and can read in 7 seconds (or so...)
Do this: Update your networking devices ASAP.
Why: A security researcher specializing in Wi-Fi bugs has reported multiple vulnerabilities, which he called FragAttacks, that affect the Wi-Fi standard itself. The name is short for “fragmentation and aggregation attacks.” Exploiting these vulnerabilities could allow attackers within radio range to steal information or attack devices on users networks.
Additional Info: https://threatpost.com/fragattacks-wifi-bugs-millions-devices/166080/
Do this: Apply the latest Microsoft security patches.
Why: "Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business."
Additional Info: https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html
Using Adobe Reader?
Do this: Apply the latest Adobe security updates.
Why: Adobe has released security updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products. Included in the updates is a fix for a zero-day flaw affecting Adobe Reader that's been actively exploited in the wild.
Additional Info: https://thehackernews.com/2021/05/alert-hackers-exploit-adobe-reader-0.html
About the Author
Ryan Bradbury, CISSP, OSCP
Principal Consultant & Cofounder
As a founding partner and principal consultant at SEVN-X, Ryan employs his training, experience, and expertise in helping organizations assess and protect their information security assets as well as respond to cybersecurity events. Ryan’s skillset has been forged from an extensive amount of field work—across various verticals—serving in both strategic and tactical security roles. SEVN-X requires all of its team members to be experts in information security and that starts from the top down.