Catch Of The Week: Small Business Cyber Updates

first_imgWhat can you do? Cisco fixed this issue in firmware release 4.2.3.10; if you are using the affected router models (RV320 and RV325 Dual Gigabit WAN VPN) you will need to update the firmware as there is no workaround. If you don’t need the remote management feature on these routers, you can also disable it. Cisco stated that this was an oversight by their developers, and the certificates and keys were never intended to be shipped with the products. The certificates were used for testing purposes during the development of the firmware and were not intended for live functionality. By BECKY RUTHERFORDLos Alamos Issues included hardcoded password hashes and static X.509 certificates with corresponding public/private key pairs and one static Secure Shell (SSH) host key. Security researchers at SEC Consult/IoT Inspector found numerous security issues for the Cisco RV320 and RV325 Dual Gigabit WAN VPN router series. CISA Releases Cyber Essentials for Small Businesses/Government Agencies Cisco Small Business Router Vulnerabilities Check out Cyber Essentials here: https://www.cisa.gov/cyber-essentials Editor’s note: Becky Rutherford works in information technology at Los Alamos National Laboratory. Cisco disclosed several other high-severity flaws affecting other small-business routers. More information can be found on their security advisory page:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-sbrv-cmd-x Why is this bad? According to Cisco, “An attacker with access to the base operating system on an affected device could exploit this issue to obtain root-level privileges. However, Cisco is not currently aware of a way to access the base operating system on these routers,” Cyber Essentials includes five different elements: YourselfYour StaffYour SystemsYour SurroundingsYour Data Each section offers guidance for leaders as well as actionable items that you can take to help protect your small business or government agency. The guidance is consistent with the NIST Cybersecurity Framework and other standards. The US Department of Homeland Security Cybersecurity and Infrastructure Agency (CISA) released guidance on Cyber Essentials for small businesses this week. This guidance is meant to serve as a starting point for small businesses and other government agencies to better understand and learn to remediate cybersecurity risks. This resource offers actionable, basic steps, and resources that can be used to improve cybersecurity posture. The flaw was assigned the tracking identifier of CVE-2019-15271, and could allow a remote attacker who has authenticated to the system to execute malicious commands with root (admin) privileges. A hacked or compromised router could cause a lot of damage, not just on the router, but to every device running on your network. CISA details actions that organizations/governments can take even before they adopt the Cyber Essentials:Backup Data: Employ a backup solution that automatically and continuously backs up critical data and system configurations.Multi-Factor Authentication: Require multi-factor authentication (MFA) for accessing your systems whenever possible. MFA should be required of all users, but start with privileged, administrative, and remote access users.Patch and Update Management: Enable automatic updates whenever possible. Replace unsupported operating systems, applications, and hardware. Test and deploy patches quickly. last_img read more

Setelah Boeing, Kini Karyawan Airbus di Spanyol Dilaporkan Positif Terinfeksi Corona

first_imgPabrik Airbus di Getafe, Spanyol. Foto: airbus.com Setelah Boeing yang mengumumkan kasus karyawan yang positif terkena corona, kini karyawan Airbus di pabrik Getafe, Spanyol di diagnosa positif terinfeksi virus corona dan harus dikarantina. Airbus merilis salah satu karyawannya yang terinfeksi virus corona pada 9 maret 2020.Baca juga: Tiga Pekerja Boeing di Washington Positif Terinfeksi Covid-19Dilansir KabarPenumpang.com dari laman flightglobal.com (12/3/2020), pihak manufaktur mengatakan, telah menyarankan karantina pribadi selama 14 hari bagi pekerja yang telah melakukan kontak langsung dengan karyawan yang terinfeksi virus corona. Airbus menegaskan, bahwa kesehatan dan keselamatan adalah prioritas nomor satu bagi mereka. Dalam tindakan pencegahan penyebaran virus tersebut, Airbus mengikuti protokol medis dari otoritas kesehatan global dan nasional serta telah menerapkan pedoman staf dalam kaitannya dengan interaksi sosial, kebersihan, perjalanan dan kunjungan ke fasilitas Airbus. Pabrik Airbus di Gertafe sendiri membuat stabilisator horisontal untuk seri A350, A330 serta untuk keluarga A320 dan membangun tail-cone untuk A350.Selain itu, di pabrik Getafe, Airbus juga melakukan pekerjaan konversi untuk pesawat tanker militer A330 MRTT, memasang pengisian bahan bakar dan sistem avionik khusus pada twinjet.Selain Airbus, tiga karyawan Boeing di pabrik jet Everett, Washington juga positif terinfeksi virus corona. Ketiga karyawan tersebut kini dalam karantina dan tengah menerima perawatan. Karena hal ini, Boeing juga merumahkan sepuluh karyawan lainnya untuk mengkarantina diri mereka di rumah selama 14 hari.“Kami telah memberitahu karyawan lain dan mengikuti saran pejabat kesehatan masyarakat. Sebagai tindakan pecegahan, kami telah meminta semua rekan kerja karyawan yang terinfeksi dan berada dalam kontak dekat untuk tetap tinggal di rumah agar dikarantina dan mengawasi diri sendiri,” ujar Boeing dalam sebuah pernyataan yang dikutip KabarPenumpang.com dari laman seattletimes.com (9/3/2020).Adanya karyawan Boeing yang terinfeksi, membuat mereka melakukan pembersihan menyeluruh terhadap area kerja dan ruang umum. Meski adanya karyawan yang positif corona, Boeing mengaku pekerjaan produksi maupun rantai pasokan mereka belum terpengaruh.Baca juga: Akibat Virus Corona, Airbus Tangguhkan Produksi Pesawat di Pabrik Tianjin, CinaSeattle sendiri merupakan satu dari beberapa wilayah Amerika Serikat yang menangani virus corona. Washington yang merupakan hotspot infeksi virus ini sudah melaporkan 267 kasus yang dikonfirmasi termasuk 54 kasus di Snohomush County yang mencakup Everett.Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)Like this:Like Loading… RelatedTiga Pekerja Boeing di Washington Positif Terinfeksi Covid-1912/03/2020In “Featured”Akibat Virus Corona, Airbus Tangguhkan Produksi Pesawat di Pabrik Tianjin, Cina06/02/2020In “Analisa Angkutan”Airbus Masih Hentikan Produksi, Serikat Pekerja Layangkan Protes23/03/2020In “Analisa Angkutan”last_img read more

Ghana beat Uganda 3-0 in U-20 qualifier

first_imgGhana’s hopes of reaching the 2013 African Youth Championship is a step closer after beating Uganda on Saturday to reach the final qualifying round.The Black Satellites beat the Hippos 3-0 in Tamale to complete a 4-3 aggregate victory.The victory sets up a two-leg final round decider against Morocco, who advance past the Gambia, after the West African nation trailing 4-0 from the first leg withdrew from the qualifiers.With a 3-1 first leg deficit hanging over their heads prior to kick-off, Maxwell Konadu’s side scored in either half of the game despite missing a first-half penalty.Moses Odjer put Ghana in front to finish the first 45 minutes 1-0 up after Jacob Apau missed from the spot following a penalty.The second half saw the Ghana create many chances but failing to find target. Ghana’s determination to avoid elimination paid off when Ebenzer Attafuah scored the second goal to put the Black Satellites in the driving seat.However, the final 20 minutes produced lots of tension but Emmanuel Gyamfi’s goal sealed the day for the Black Satellites.The final round match against Morocco will be played next month. The first leg is on the weekend of 21, 22, 23 September 2012 with the return clash set for 5, 6, 7 October 2012 for a place in the finals to be hosted by Algeria.last_img read more