Other patches and updates in the news | Smart Thinking Solutions

Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates:

AWS fixes vulnerability affecting container image repository – The Record by Recorded Future

NSA: critical Citrix flaw under attack from China • The Register

The US government Cybersecurity and Infrastructure Security Agency (CISA) keeps a check on security updates and is a good resource.

Apple Releases Security Updates for Multiple Products | CISA

Microsoft Releases December 2022 Security Updates | CISA

Citrix Releases Security Updates for Citrix ADC, Citrix Gateway | CISA

Mozilla Releases Security Updates for Thunderbird and Firefox | CISA

VMware Releases Security Updates for Multiple products | CISA

Fortinet Releases Security Updates for FortiOS | CISA

And then there is advice on specific threats and risks:

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing | CISA

CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:

Current Activity | CISA

There is a lot of work out there to keep your systems safe – so any automation you can deploy is useful, but things need to be monitored and checked. Do you do that?

Do you want to know more?

Tomorrow’s article on CyberAwake will be looking at monitoring, checking and alerts.

Clive Catton MSc (Cyber Security) – by-line and other articles

My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.

phishing emails — Cyber Security Experts | Awareness | Training (cyberawake.co.uk)

Please Note:

I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.