News Week Ending June 19, 2022


Follina Patch
by Artie Kaye

Microsoft has released a patch for Follina, which is actively being used to attack users.  Follina is an exploit that exists in Office.  If a user downloads a compromised file and opens it using Office, there is a script hidden in the document that will run and give the attacker access to the machine to run other code.  This is a vulnerability that needs to be addressed sooner than later, so get the June update from Microsoft.  Protect your machines, protect your documents, and protect your business!

In May, Microsoft released a patch for Active Directory. Servers that were patched started to return authentication errors.  A second patch was released shortly after to address this, though the patch has to be manually applied to affected machines.  

https://www.cpomagazine.com/cyber-security/chinese-hackers-able-to-directly-exploit-major-telcos-via-routers-and-networking-equipment-largely-using-published-vulnerabilities/

https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/update-now-microsoft-patches-follina-and-many-other-security-updates/

https://securityboulevard.com/2022/06/follina-zero-day-vulnerability-breakdown-analysis-and-remediation/

US Telcos Targeted by Foreign Attacks
by Artie Kaye

Many US telcos are facing attacks from foreign entities.  These attacks are channeled through networking equipment, such as routers and network-attached storage.  There are security updates available for many devices currently being used that can help.  The devices that are compromised come from too many manufacturers to list here.  Check with your tech support and see that your network devices are secure and updated.  It is a constant process, but it will keep you safer.

https://www.csoonline.com/article/3661549/patching-the-latest-active-directory-vulnerabilities-is-not-enough.html

https://www.darkreading.com/vulnerabilities-threats/microsoft-fix-patch-tuesday-breaks-authentication

https://www.grc.com/sn/SN-872-Notes.pdf