Issue: ASUS, a manufacturer of hardware devices, recently announced a vulnerability in their AiCloud routers. This is one of their more recent product lines. The vulnerability allows remote individuals to bypass the device’s security and gain access to both the device configuration as well as access the internal network. This is a severe issue and has the potential for significant harm.
Resolution: ASUS has issued an update. If you use an AiCloud router, please update your device firmware to the most recent version.
Risk 2: Medium
Issue: A new malware, ClickFix, is growing in popularity. This malware generates a realistic pop-up informing the user that there is a Windows Update available and they should click to update. The full depth of the exposure is not fully known, but it does provide system-level access.
Resolution: Users should not initiate a Windows Update from a pop-up. It is recommended that users go to Settings to confirm the update and run it from the source.
Risk 3: High
Issue: SonicWall, a manufacturer of network devices, including firewalls, recently announced a vulnerability in their firewall device line for devices over model 5000. These models are currently highly susceptible to Denial-of-Service (DoS) attacks. A DoS attack occurs when multiple systems target a system to the point that it runs out of resources and either operates slowly or crashes. SonicWall has stated that these devices crash under pressure, and the recovery is challenging. You can access the list of impacted devices here.
Resolution: SonicWall has now officially released an update so anybody with an impacted model should apply the update immediately.
Announced Data Breaches
OpenAI (API)
London Councils
CrowdStrike
Almaviva
Crisis24
Dartmouth
SitusAMC
Iberia
Cox Enterprises
Harvard
Upcoming Live & Webinar CE (External)
Week of Jan 5: 3-Hour AI Bootcamp (Webinar - Pending)
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
Thanks for the headsup on the ClickFix malware. The fake Windows Update popup is a clever social enginering tactic. Have you noticed if this is targeting specific industries or jsut widespread at this pont?
Thanks for the headsup on the ClickFix malware. The fake Windows Update popup is a clever social enginering tactic. Have you noticed if this is targeting specific industries or jsut widespread at this pont?