DNS Services, Android, Microsoft Windows, Remote Desktop, Sharepoint
Risk 1: Medium
Issue: An increase in DNS attacks (particularly from a service called Fast Flux) is wreaking havoc on poorly configured networks. DNS is the service that translates an IP address (such as 192.168.1.1) to/from a website address (such as www.microsoft.com).
Resolution: All users should review their network settings and firewalls to ensure that they are pointing to a known and trusted DNS server. If you are unsure, contact your IT service prover or, if you do not have one, contact your internet service provider, and ask what DNS servers you should be using.
Risk 2: Low
Issue: A new malware/app on Android devices named Crocodilus masks itself as (typically) a game and, once installed, gains access to all data on your device, including (per several reports), phone-stored passwords.
Resolution: Users should continue to be extra diligent on installing unknown apps and, especially, unknown publishers. The malware does not remove if you uninstall the app - it requires a phone restore.
Risk 3: High
Issue: Microsoft has experienced vulnerabilities on both its Remote Desktop Desktop and Sharepoint services. Both vulnerabilities allowed remote access to data and the possibility of remote control of machines.
Resolution: Both vulnerabilities have been corrected so any user that has remote desktop or sharepoint installed locally should ensure their versions are updated.
Risk 4: High
Issue: Microsoft has released 61 additional security patches for Windows 11; none of these are labelled as urgent.
Resolution: Windows users should run a system update as time allows.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
