[Security Tip] January Security Threats Summarized

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize and address them for our managed IT services clients.

Below you'll find our monthly recap of all events. If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up.

High Impact

Company/Source	Product	Type
VMware	Workstation, Fusion, ESXi	Security update

Medium Impact

Company/Source	Product	Type
Adobe	Multiple	Security updates
CNMF	Multiple	Malware Disclosure - Iranian APT Muddy Water
McAfee	McAfee Agent for Windows	Security update
Microsoft	Multiple	Security Updates (Jan 2022)

Low Impact

Company/Source	Product	Type
Apple	iOS and iPad OS	Security updates

No Impact to Our Clients/FYI

Company/Source	Product	Type
Apache	HTTP Server	Security Update
CISA	Industrial Control	System Advisories
CISA	Multiple	Cataloged 4 Known Vulnerabilities
CISA	Network Security	Infographic: Layering Network Security Through Segmentation
CISA/FBI/NSA	U.S. Critical Infrastructure	Security Advisory - Russian Cyber Threats
Citrix	Hypervisor	Security Updates
Citrix	Workspace App for Linux	Security Updates
Fresenius	Kabi Agilia Connect Infusion System (Update A)	Advisory
ICS	GE Gas Power ToolBoxST	Advisory (ICSA-22-025-01)
ICS	Mitsubishi Electric MELSEC and MELIPC Series (Update A)	Advisory (ICSA-21-334-02)
Mozilla	Firefox, Firefox EST, Thunderbird	Security Updates
Samba	Multiple	Security Updates
VMware	Workspace ONE UEM Console	Security advisory

If you're not confident your organization is on top of weekly security threats, vulnerabilities, and patches, it's time to conduct a cyber security audit. Or better, get in touch so we can walk you through critical items for your security checklist.