Do this: Patch immediately.
Why: On Friday, Google dispatched an out-of-band security update to address a high severity vulnerability in its Chrome browser that is being actively exploited in the wild.
Additional Info: https://thehackernews.com/2022/03/google-issues-urgent-chrome-update-to.html
Using HP printers?
Do this: Patch immediately and follow the company provided mitigation instructions.
Why: HP has published security advisories for three critical-severity vulnerabilities affecting its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models that could be exploited for information disclosure, remote code execution, and denial of service.
Additional Info: https://www.bleepingcomputer.com/news/security/hundreds-of-hp-printer-models-vulnerable-to-remote-code-execution/
Do this: Mandate multi-factor authentication (but not SMS-based), make use of modern authentication options such as OAuth or SAML, review individual sign-ins for signs of anomalous activity, and monitor incident response communications for unauthorized attendees.
Why: Okta has been compromised by theLAPSUS$ hackers resulting in targeted SSO supply chain attacks. They also have access to customers downstream and have the ability to carry out malicious actions in their apps.
Additional Info: https://thehackernews.com/2022/03/microsoft-and-okta-confirm-breach-by.html
Send Us Your Comments
What did you think of this article? Send us a note to let us know what you liked, would like to see more of, or what we can do better. And don't be surprised if we reach back out with a small 'thank you' gift for your feedback.