Hello Backstoppers!
Happy day after Halloween! Hopefully the candy is slowly processing out of your system, and the sugar rush is fading in clarity for you this morning.
Yesterday was the end of National Cybersecurity Awareness Month. If you’re reading this, you’re off to a good start. But it’s always a good reminder that there are things we need to do to protect our systems and ourselves from what’s out there.
-
S3 continues to be an issue for many companies. From Codebook: According to McAfee statistics released Monday, 5.5% of “AWS buckets,” the storage containers in Amazon cloud storage accounts, are left public by accident. That’s a shocking amount of private data left public. Remember that Backstop will track your buckets, and let you know when buckets are public that shouldn’t be. Don’t be in that 5.5%.
-
On that note, an ISP left a lot of personal data in a public S3 bucket.
-
Macforums and Joomlart were breached and data lost. If you have accounts on there, now’s a good time to reset all passwords that were shared with that. If you’ve integrated your Gsuite with Backstop, we’ll let you know if you were in the list.
-
A number of Apple vulnerabilites were patched. Make sure you have the latest updates.
-
NAS Firmware bugs were also patched. Devices in the field are always slower to get updated.
-
Linux boxes are vulnerable to bad DHCPv6 packets. Systemd updates are available, get patched!
-
Voting machines are still full of holes. Machines with paper trails are still the only way to be safe and secure and auditable. Still, get out and vote!
That’s all for now, stay safe friends!
Image courtesy of https://www.deviantart.com/naruto3ever