<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=154189778396022&amp;ev=PageView&amp;noscript=1">
Close
Citrix Slowing you down? Start speeding things up! Get Our Ebook
Featured Image

Whitehat Virtual Security Bulletin - September 2016

Whitehat Virtual Security Bulletin - September 2016 

October 2016

Subscribe to Email Updates

Whitehat Virtual Security Bulletin - September 2016 

enterprise-security.png

Every day is an interesting one in the cyber security world. Here are some highlights from the past few weeks that Whitehat Virtual would like to share with you. At the end of each security breach you'll find recommended solutions to address each issue.  We’re here to help you secure your business in any way we can and we hope this helps. Stay safe out there!

Dropbox

Hackers have stolen over 60 million Dropbox users’ account information. They have released a statement requesting that users change their passwords.

Hack Brief: 4-Year-Old Dropbox Hack Exposed 68 Million People's Data

Dropbox Blog: Resetting Passwords To Keep Your Files Safe

Instructions for resetting your Dropbox password

If you're not currently signed in to your account:

  1. Visit dropbox.com in your web browser.
  2. Click Sign in.
  3. Click Forgot your password?
  4. Enter the email address you used to create the account.
  5. Check your email inbox and click the link in the email you received to reset your password. 

Apple

Apple has released a patch for what is arguably the worst vulnerability of all time for its’ iOS devices. Remote spying of text, email, phone calls, GPS location, and even remote camera usage are among the headlines relating to this vulnerability.

Apple Releases Security Update

iPhone Users Urged to Update Software After Security Flaws Are Found

Instructions for updating iOS devices can be found by clicking here

NSA

A group claiming to have hacked the NSA’s hacking group released a small amount of what it claims are military grade cyber weapons that were in use by the NSA as recently as 2013. The vulnerabilities affect some of the most popular network and security hardware and software in use today. Cisco, Fortinet, Juniper and TopSec are among those. The group is now auctioning off the remainder of the weapons, though it’s widely believed to be a smoke and mirror distraction.

Fortinet Releases Security Advisory

Cisco Releases Security Update

Cookie Parser Buffer Overflow Vulnerability

Shadow Brokers Release of Hacking Code

Instructions for updating the affected products can be found in each of the links above. We recommend updating these products as soon as possible.

Google Chrome

Google has released updates to Chrome after researchers discovered a Trojan that impersonates the popular web browser.

Google Chrome Impersonator

Instructions for updating Chrome can be found here.

Microsoft Windows

New “Fantom” ransomware has been found disguised as a legitimate Microsoft Windows update.

"Fantom" Ransomware

OneLogin

Single sign-on and identity management company OneLogin was breached. The attacker used an employee’s login information to gain access to internal logging systems and see customer Secure Notes which are typically encrypted.

OneLogin Breached

As always, we encourage users to be aware of their actions pertaining to security online. Some simple tips to keep you safe include:

  1. Use complex and unique passwords when possible and change them on a regular basis
  2. Don’t click links in emails that you can’t verify the authenticity of
  3. Don’t visit websites that are of a questionable nature
  4. DO NOT provide any personal information if you do find yourself at a questionable site

Online security starts with the end user and basic awareness can go a long way to prevent accidental exposure of sensitive information. We hope you’ve found this informative and helpful and we encourage you to send us any questions or comments you may have on the topics we’ve addressed. 

If you'd like to identify the strengths and weaknesses of your IT infrastructure, a security risk assesment will let you know if you are at risk. 

Click Here to speak with a member of our Security Team.