BROADCASTS.com

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 30.\xa0 It is Tuesday December 24, 2019. I am your host Scott Gombar. Merry Christmas All\n\n\xa0\n\nThis podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut.\xa0 You can visit us at nwajtech.com\n\n\nIf you haven\u2019t updated Google Chrome to the latest version yet..do it.\xa0\xa0\n\n\nCitrix vulnerability jeopardizes over 80,000 companies globally\n\n\nTwitter Fixes Bug that Enabled Takeover of Android App Accounts\n\n\nA flaw in the Twitter for Android App has been patched.\xa0 The vulnerability allows would be attackers to take control of Twitter accounts and send tweets and dms.\xa0 If you use Twitter on Android please update immediately.\n\n\nA note from the FBI re: LockerGoga and MegaCortex\n\n\n"Since January 2019, LockerGoga ransomware has targeted large corporations and organizations in the United States, United Kingdom, France, Norway, and the Netherlands. The MegaCortex ransomware, first identified in May 2019, exhibits Indicators of Compromise (IOCs), command and control (C2) infrastructure, and targeting similar to LockerGoga."\n\n\nHave a BCDR plan.\xa0 Backup regularly. Test Backups and Keep a backup offline\n\nEnsure all software and operating systems are up to date\n\nEnable 2FA and have a strong password policy\n\nDisable RDP wherever it is not needed.\xa0 Ensure RDP ports are blocked externally.\xa0 Use RDP over VPN. Use third party software to further secure RDP\n\nAudit the creation of new accounts.\n\nRun port scans to ensure unneeded ports are closed and nothing is listening that shouldn\u2019t be listening..\n\nDisable SMBv1\xa0\n\nMonitor AD for access levels, account changes and new accounts\n\nMake sure you are using the most up-to-date PowerShell and uninstall any older versions.\n\n"Enable PowerShell logging and monitor for unusual commands, especially execution of Base64 encoded PowerShell"\n\n\nNew Mozi P2P Botnet Takes Over Netgear, D-Link, Huawei Routers\n\n\n\nColorado Department of Human Services and Sinai Health System Alert Patients About HIPAA Breaches\n\n\nHoliday Tip -\xa0 If you\u2019re giving anyone a gaming console for holidays unpack it, set it up and install all the updates and then pack it up.\xa0 Update servers are hit pretty hard on Christmas day. Doing this allows the gift recipient to enjoy the gift rather than wait for updates.\n\n\nMerry Christmas All.\xa0 We will talk again Thursday.\xa0 Stay Secure.