Two Weeks in Cybersecurity (TWiC) #3

June 18 – July 1, 2023

Recent News

• Apple released security updates to address vulnerabilities in multiple products. New and old version are receiving updates. CISA encourages users and administrators to review the advisories and apply the necessary updates. The products receiving updates are: watchOS 8.8.1, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, iOS 15.7.7 and iPadOS 15.7.7, watchOS 9.5.2, macOS Ventura 13.4.1, iOS 16.5.1 and iPadOS 16.5.1.
• A critical security flaw was found in “Abandoned Cart Lite for WooCommerce” WordPress plugin that is installed on more than 30,000 websites. The vulnerability lets an attacker access user accounts with abandoned carts. WordPress is estimated to run 43% of websites, making it frequently targeted. Companies running WordPress are strongly encouraged to always keep the software up to date.

Two Weeks in Cybersecurity (TWiC) #2

June 4 – June 17, 2023

Recent News

• Mozilla has released security updates to address vulnerabilities for Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. Firefox, Chrome, and Edge updates require users to close and restart the programs in order to automatically install. It is a step that usually delays update installations by weeks because closing all your tabs is the most feared computer action, second only to rebooting.  

Two Weeks in Cybersecurity (TWiC) #1

May 21 – June 3, 2023

Welcome to the first issue of Two Weeks in Cybersecurity. This infrequent message will hit your inbox once a fortnight sharing news you should use. Not intended to be a throwaway, we only plan to share information that ought to get action. Expect to read about recent security updates that need to be applied, cybersecurity compromises that might affect you, and knowledge bombs to steadily grow your own cybersecurity vocabulary and competency. Every two weeks, you will learn a little more about how to make yourself a harder target.