Critical Security Update: June 27, 2025 (Citrix, Brother, Fujifilm, Toshiba, Konica, Minolta, SonicWall, Asana, Google)
Risk 1: High
Issue: Citrix, a large provider of software and hardware devices, has acknowledged that a major vulnerability allowing easy remote access to and control of a system is being very actively exploited. This affects a large number of Citrix-related devices and products.
Resolution: Patches are either available or in the process of being made available. Any Citrix user should update their products immediately or limit device availability until a patch is available for their device.
Risk 2: Medium
Issue: A vulnerability has been discovered in nearly 750 different printer models that allows their default password to be determined. With this password, an attacker can gain remote access to the environment and access to PII. There is not an easy fix for this vulnerability.
Resolution: Users of one of these models should change their printer password, only allow for communication through known, secure channels, and apply existing firmware updates where available.
Instructions on what users should do are available for Brother, Konica Minolta, Fujifilm, Ricoh, and Toshiba.
Risk 3: High
Issue: A version of SonicWall's VPN solution has been modified by malicious actors to mimic the company's VPN solution while merely stealing users' VPN credentials. With these credentials, remote actors can access the remote services connected to that VPN.
Resolution: As this is not a product created by SonicWall, but merely a trojan acting like the original, SonicWall is trying to mitigate, but user intervention is the best solution. Users should ensure that their VPN solution was provided directly by SonicWall and installed from that source, not from an unknown one.
Risk 4: Medium
Issue: Asana announced that their recently released MCP (AI) feature designed to add a large language model into their project management platform shared confidential information between businesses, exposing related data.
Resolution: Asana has not made a public statement but has begun reaching out to impacted organizations. Asana users who had activated MCP should review their data logs to determine if any data was shared.
Risk 5: High
Issue: Gmail has been targeted by an increase in social engineering attacks that aim to obtain MFA-bypassing credentials, which are common on the platform to allow for third-party app usage. This style of app usage is growing as people leverage third-party tools, specifically AI tools, more frequently.
What does this mean? Using social engineering (trying to extract information from you or your content), malicious actors are bypassing MFA within certain connections to Gmail.
Resolution: If you are using third-party apps, it is important to enable the full set of security protocols they offer and to keep the apps updated. Beyond that, staying extra cautious about potential social engineering risks is also critical.
Announced Data Breaches
Delhaize
UNFI (Food Distributor)
Hawaiian Airlines
ConnectWise
McLaren Health
Nucor
CoinMarketCap
Oxford City Council
Aflac
Viasat