Install these important software patches quickly from leading software distributors.
Welcome to Cyber Security Today. It’s Friday, October 23rd. I’m Howard Solomon, a collaborative cybersecurity reporter for ITWorldCanada.com. To listen to the podcast click on the arrow below:
You can call this an update edition, because many of the news deals with newly released security fixes.
Chrome Attention browser users: Google has released a patch to fix several high-severity vulnerabilities. You need to update your browser now. There is often a warning icon in the upper right corner, but if there is no click on the three dots on the right, go to Help and then About Google Chrome.
Attention users of mobile browsers, including Safari, Opera, Yandex, Bolt, UCWeb and RITS. Make sure you are running the latest versions. Security researchers have discovered bugs that allow hackers to spoof the address bar of those browsers. As you know, the small screen of a smartphone makes it difficult to verify that a website is real, so hackers’ ability to spoof an address is a good weapon for them – and a bad one for you. So far, UCWeb, Opera Touch, Yandex and Safari have released fixes. A fix for Opera Mini is expected on November 11. Bolt Browser has not yet been fixed.
If you use a QNAP storage device connected to the network as a domain controller, be sure to update the operating system and all installed applications. Otherwise, you could be vulnerable to a vulnerability called Windows Zerologon.
Cisco Systems is asking administrators whose organizations use their routers that run the IOS XR operating system to ensure they have the latest software. This is to fix a bug that explores the Cisco Discovery Protocol. The fix for this has been around since February, so there is no reason not to have it installed now.
Attention Adobe users: The company has released security updates for its main products that need to be installed as soon as possible. This includes Photoshop, Dreamweaver, Illustrator, After Effects, Marketo, Creative Cloud Desktop, InDesign, Media Encoder and Premiere Pro
Finally, Last week, I told you about a cyber attack on the Barnes and Noble bookstore. This week, a ransomware gang called Egregor told Bleeping Computer news service that is behind the attack. She claims that corporate financial files have been copied and threatens to release them unless they are paid for.
That’s it for Cyber Security today. Links to details on these stories can be found in the text version of each podcast at ITWorldCanada.com. This is where you will also find my news aimed at companies and cybersecurity professionals.
In the late afternoon, we will launch the Week In Review podcast, with guest analyst Terry Cutler, from Cyology Labs. Tune in on the way home or on the weekend.
Cyber Security Today is heard on Mondays, Wednesdays and Fridays. Subscribe to Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
Would you recommend this article?
Cybersecurity conversations with your board – a survival guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE PRESIDENT AND CIO, NAV CANADA