CISA Security Advisories

Regular readers know that I use the US government Cybersecurity and Infrastructure Security Agency (CISA) website as a reliable source of information on software and hardware vulnerabilities. Ones that impact the organisations we support are escalated to our support team, then I write about those and the rest here, for you.

This week there have been advisories for a range of Mozilla products. Get the patching done and check all of your team has done it as well. (Not sure how to check your team has is patched? Have a look here.)

Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR | CISA

CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:

Current Activity | CISA

Other Items of Interest

Canada and the US are seeing an significant rise in the TrueoBt malware activity. What starts over there can easily spread over here. The malware is distributed through phishing emails and one characteristic of TrueBot is that the downloader is bloated with over a gigabyte of excess code to obfuscate the true intention of the software and evade detection.

Truebot Activity Infects U.S. and Canada Based Networks | CISA

They also issued an alert about the increase in targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. These have been targeted across a range of organisations across many sectors.

DoS and DDoS Attacks against Multiple Sectors | CISA

Your takeaway

You may not be the target of these DoS and DDoS attacks but these types of attacks when directed at major suppliers can have a serious impact on the organisations (you) that are relying on the service which are no longer accessible. Such as some of the recent attacks that have degraded Microsoft 365 services.

My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading