Issue: Oh gosh, Google is having a bad week. A vulnerability was discovered in Google Scripts that allows fake landing pages to be created within the google ecosystem - this creates a huge risk as, the pages being hosted within google, makes them appear legitimate, bypassing many security scans.
Likewise, a recent vulnerability in Google Calendar allowing malware to be attached to calendar events. These events allow remote code execution, causing damage and exposing data.
Resolution: Google is working to fully solidify their platform against these vulnerabilities. In the meantime, users should continue to practice extreme caution when receiving Google calendar invites and any pages that redirect to pages within Google.
Risk 2: Medium
Issue: A large collection of ASUS routers have been compromised with what is called a backdoor - a backdoor provides remote access to a system and/or data. This vulnerability has been recently discovered. The full reach of exposure on this specific vulnerability has not been disclosed.
Resolution: ASUS has released a patch to correct this vulnerability. All ASUS users should download and apply the latest firmware and vulnerability for their specific device.
Risk 3: Medium
Issue: Microsoft has announced multiple issues on their Server line of software. The vulnerabilities expand from remote code execution to entire system freezes/locks. This does not impact their standard desktop operating system.
Resolution: A patch has been deployed. If you have a locally installed version of Windows Server, you should apply the most recent update immediately.
If you are using a hosted platform, please review their logs to determine when they most recently applied the Windows Server udpate.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
Curious, what was the breach at Stark Industries? Were the Mark 42 plans released?