Seems as though Fortra has issues again with their products, more specificly Go Anywhere; Cisa continues to speak, HPE gets owned in the email department HP says, U.S. and U.K. water utilities are compromised and more.
The top of the news
There are only two items in the top of the news for today. They are:
- CISA Cybersecurity Incident Response Guidance for Water Sector
- HPE Cloud eMail Environment Breached by State-Sponsored Hackers
The rest of the news
Here is the rest of the news. There are 8 items in this list.
- UK and US Water Utilities Hit with Cyberattacks
- More Than 5,000 GitLab Instances Still Vulnerable to Password Reset Issue
- Critical Vulnerability in Fortra GoAnywhere MFT Software
- Cisco Updates Unified Communications and Contact Center Solutions to Fix
- Update Better Search Replace WordPress Plugin
- Bucks County Emergency Computer-Aided Dispatch Hit with Cyberattack
- Healthcare and Public Health Sector Alert: Threat Actor Used ScreenConnect to Gain Foothold in IT Systems
- Jenkins Fixes Critical RCE Flaw
While we must give Fortra credit for notifying their customers privately, I believe the fix for this is similar to what our Tweesecake does. When there’s an update, at some point, the application pops up a dialogue box telling us there is an update and how to get the update. With a product like Go Anywhere, do what Filezilla does and tell us there’s an update, and give us the option to install the thing right then or there. If you put a remind me button, pop up the dialogue at some point and offer the same options.
Sans News Bites January 26, 2024 Vol. 26, Num. 07 should be read for the complete details and let me know what you think.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.