Alerts and Advisories

Latest Alert - September 14, 2021

ALERT : Apply Apple emergency patch immediately

Affected operating systems : iOS 14.8 and iPadOS 14.8, watchOS 7.6.2, MacOS Big Sur 11.6

Users of Apple devices are encouraged to update their operating systems immediately to the latest release in order to protect against a zero-day exploit that requires little or no user interaction. This exploit, known as FORCEDENTRY, may allow for arbitrary code execution, including the installation of spyware. Apple is aware that this may have been actively exploited.

For more information ...

https://support.apple.com/en-us/HT212807
https://www.msn.com/en-ca/news/technology/do-you-own-an-iphone-or-ipad-update-your-apple-devices-right-now/ar-AAOp70o?ocid=winp1taskbar
https://www.techzine.eu/news/security/65408/apple-releases-update-fixing-nso-spyware-vulnerabilities/

Latest Advisory - January 22, 2021

Current Advisory: NitroPDF Breach

Risk: LOW

Severity: LOW               

Vendor: Nitro

Versions Affected:

All Versions of NitroPDF

Description:

Nitro Software announced that they had suffered a data breach on 28 September 2020.  According to BleepingComputer, “The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.”  See the full article at …  https://www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/

The database has been added to the HaveIBeenPwned service at https://haveibeenpwned.com where you can search to see if your email address is included in the list of breached user accounts.

Steps:

Note that the NitroPDF breach contained hashed passwords, not passwords in plain text.  However, if your email address is indicated as being included in the NitroPDF breach, it is recommended to change your password, as well as to implement additional password security such as Multi-Factor Authentication.


Published on  and maintained in Cascade.