Your address will show here +12 34 56 78
Blog
Wondering how to secure your mobile device outside your home?  


Good news…the US National Security Agency (NSA) released a guideline on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely.


While NSA’s recommendations were created to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers, they pretty much work for all remote workers.


Check out the the info sheet published by the NSA that can help identify potential threats and vulnerable public connections, as well as minimize risks and better secure wireless devices and data. 

A few highlights…


“Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field Communications (NFC), a short-range wireless technology. This puts personal and organizational data, credentials, and devices at risk,” the NSA states.


“If users must connect to public Wi-Fi, they should take necessary precautions, such as using a personal or corporate-provided virtual private network (VPN) to encrypt the traffic.”

Try to stay away from public hotspots and disable unused wireless radios


Hijacked wireless devices, including laptops, tablets, mobile, and wearable accessories, can lead to the compromise of personal and corporate data, such as credentials and sensitive documents.


To avoid getting hacked, the NSA suggests avoiding public Wi-Fi networks as they expose traffic data to theft or manipulation, disabling Bluetooth and NFC radios while in public and not in use to avoid exposing info that can be used to hack the device.


“Users should consider additional security measures, including limiting/disabling device location features, using strong device passwords, and only using trusted device accessories, such as original charging cords,” the NSA added.


“Before conducting business remotely or in public settings users should obtain explicit authorization from their organization to do so.”


If you need help with cybersecurity contact us today! Contact Us | Micropac (micropactech.com)

0

Blog

SonicWall has released an “urgent security notice” highlighting a critical risk of immanent ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products.


“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials,” the company said.


SonicWall has said that the attacks target a known vulnerability patched in newer versions of firmware, and they do not impact SMA 1000 series products.

“Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack,” SonicWall warns.


Either disconnect or update affected devices


Businesses still utilizing EoL SMA and/or SRA devices with 8.x firmware are urged to update the firmware immediately or disconnect the appliances as soon as possible to fend off the critical risk of ransomware attacks.


Customers using actively supported SMA 210/410/500v devices with the vulnerable 8.x firmware targeted in these attacks are also advised to immediately update to the latest version, which mitigates vulnerabilities discovered in early 2021.


“As additional mitigation, you should also immediately reset all credentials associated with your SMA or SRA device, as well as any other devices or systems using the same credentials,” SonicWall adds. “As always, we strongly recommend enabling multifactor authentication (MFA).”

Depending on the product they use, SonicWall recommends organizations to:

  • SRA 4600/1600 (EOL 2019)  Disconnect immediately   Reset passwords
  • SRA 4200/1200 (EOL 2016)  Disconnect immediately   Reset passwords
  • SSL-VPN 200/2000/400 (EOL 2013/2014)  Disconnect immediately  Reset passwords
  • SMA 400/200 (Still Supported, in Limited Retirement Mode)  Update to 10.2.0.7-34 or 9.0.0.10 immediately  Reset passwords  Enable MFA
0