Do you run a small business or manage IT for one? Keeping up with the ever-changing world of cybersecurity can be tough. But guess what? Cybersecurity expert Yigal Behar has your back!
In his podcast, “Cybersecurity News Flash,” he dives into four pressing topics that every small business owner and IT manager needs to know about right now.
1. Microsoft’s Crackdown on Vulnerable Exchange Servers
Yigal kicks off the discussion with the first topic: a proactive measure by Microsoft to keep messages from vulnerable Exchange servers out of Exchange Online.
Microsoft will block messages sent to Exchange Online from unpatched and unsupported on-premises Exchange servers. This is a three-step approach:
- Alert: Microsoft will alert administrators of unpatched or unsupported Exchange servers in their on-premises environments.
- Throttle: If the issues are not addressed within a set period, Exchange Online will start throttling messages, meaning that the recipient will experience delays in receiving emails.
- Block: If throttling does not result in remediation after another set period, messages from the vulnerable server will be blocked entirely.
Yigal advises that as administrators, you should look for those updates and update your Microsoft Exchange as soon as possible because this is going to be a major problem going forward.
2. QNAP OS Vulnerabilities Affected 80,000 Devices
Yigal mentions that his company helped two customers move away from QNAP NAS devices to different ones. This was due to not only security concerns but also performance and other requirements that the customers had.
QNAP, a company that makes network storage devices, has encountered a huge problem. Its software has two security vulnerabilities that hackers can use to take over the devices. These vulnerabilities affect many QNAP devices, including those running QTS, QuTS hero, QuTScloud, QVP, and QES. QNAP has fixed the problems in some of its software, but not all of it.
According to Yigal, if you have a QNAP device, it’s very important to update the software as soon as possible. If your device is connected to the internet, it’s even more important to update it, because hackers can easily find and attack it. It might be hard to update the software right away if the device is being used, but you should try to find a time to do it soon.
If you can’t update the device right away, try to protect it by blocking access from the internet, or using a VPN to make it harder for hackers to get in. You should also disable any unused user accounts on the device.
He recommends that you “hire a company that will help you with that and do some scans and make sure that those systems are not vulnerable.”
3. WooCommerce Payments for WordPress Plugin
Yigal shares that an authentication bypass and privilege escalation vulnerability was found in the WooCommerce Payments plugin for WordPress, which could allow hackers to take over websites easily.
Users are urged to update WooCommerce Payments to version 5.6.2 or later. If you use a firewall implemented as a plugin, it may notify you when plugins need updating, and you can also set plugins to update automatically.
Yigal personally doesn’t like to “update them automatically because you can’t control if the site will be down because of that. And you don’t know which plugin was installed if it was installed automatically. You won’t know what happened if the site goes down.” So, it’s better to update plugins manually, one at a time, to ensure your website keeps running smoothly.
He insists, “Don’t forget to update WordPress. I think the latest version is 6.2.2. Please update WordPress as soon as possible.”
4. Microsoft Outlook App Vulnerability
The last item on the list is about an Outlook app vulnerability.
Yigal claims that it was patched a few weeks ago. He urges users, “You should look into it, as there was a vulnerability in Microsoft Outlook that was patched last week as part of Microsoft Patch Tuesday. It is raising concerns among experts.”
The vulnerability, which can be used to steal NTLM authentication hashes, is easy to exploit and requires no user interaction. (NTLM is the authentication protocol Microsoft has used for 30 years already, since NT 3.5.) Several proof-of-concept exploits have been released (ref).
Yigal stresses, “You need to know about this; you need to update your Outlook app as soon as possible. Using Microsoft Office 365 apps, those updates have been pushed automatically, but you still need to make sure that if you are managing those updates using a third-party patch management tool, you need to allow those patches to run through your systems.”
For more expert tips and in-depth discussions on cybersecurity, be sure to check out The Cybersecurity Insider podcast on YouTube, Apple Podcasts, and Spotify. Don’t leave your business vulnerable—empower yourself with knowledge and take action today!
Here is some news that you need to know as a network admin, a business owner, or anyone for whom security is important.
* Microsoft to Block Messages From…On-Premises Exchange
* QNAP OS Vulnerabilities Affect 80,000 Devices
* WooCommerce Payments WordPress Plugin Authentication Bypass Vulnerability
* Outlook App Vulnerability
Thanks for watching!
The Cybersecurity Insider
www.thecybersecurityinsider.com
Host – Yigal Behar