We have two things we would like to bring to your attention.
First, there is a MOVEit vulnerability (CVE-2024-5806), a vulnerability that enables attackers to bypass authentication and gain access to sensitive data. This is a severe vulnerability! ArsTechnica gives a great over view HERE. Including guidance on fixing the vulnerabilities for the following versions, “Fixes for (versions) 2023.0.11, 2023.1.6, and 2024.0.2 are available here, here, and here, respectively. MOVEit users can check the version they’re running using this link.”
Additionally, in the last week, the Department of Commerce’s Bureau of Industry and Security banned the sale and use of the anti-virus and cybersecurity company Kaspersky Lab, Inc.. The use of Kaspersky will be permitted until September 29, 2024, at 12:00am EDT.
We encourage users of Kaspersky begin transitioning to an alternate anti-virus solution as soon as possible to avoid a lapse in solutions.
