Another Way to Do Cybersecurity
Published May 3 2024 10:43 AM
When credentials are compromised, or a system infected with malware, changing a password or even reimaging a system are no longer sufficient to protect data. Learn what to do to help keep your information safer.
Old techniques no longer enough
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Published May 3 2024 10:39 AM
The four vulnerabilities rated as critical are part of 10 discovered vulnerabilities. The four could allow attackers to remotely execute code on the systems. These are quite serious. Install the patches as soon as possible on all affected systems.
HPE Aruba devices have 10 vulnerabilities
Dropbox Breach Exposes Customer Credentials, Authentication Data
Published May 3 2024 10:36 AM
Dropbox Sign, a services used to e-sign important documents has been compromised. Sadly, the links used by clients of the service to make life easier for their clients can be exploited to gain access to other systems.
Dropbox Sign serious breach
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Published May 3 2024 10:32 AM
Apps found in the Google Play Store are being exploited due to a vulnerability. The attacker can gain access to tokens allowing access to other accounts. Be sure and install patches and updates as needed.
Popular Android apps susceptible to serious flaw
13.4M Kaiser Insurance Members Affected by Data Leak to Online Advertisers
Published May 3 2024 10:29 AM
Kaiser Permanente reported that a misconfiguration in their systems shred confidential data on members with their advertisers.
Kaiser leaks PII on 13.4 million subscribers
Social Engineering Scams Take a New Turn
Published Apr 26 2024 11:43 AM
Social engineering, or fooling people into doing bad actions, is one of the most successful attack methods of cybercriminals. Building on success, they have a new way to do it and gain access to company systems and steal money.
Social Engineering is the new attack of choice
Attacker Social-Engineered Backdoor Code Into XZ Utils
Published Apr 26 2024 11:40 AM
Attackers have shown that no technical skill is needed to perpetrate a significant cyber compromise. Social engineering, the art of convincing people that you are authorized to get confidential information, is enough.
Social Engineering yields big rewards
Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs
Published Apr 26 2024 11:37 AM
CrushFTP is a file transfer package used by many companies. By exploiting a zero-day vulnerability attackers have been able to gain access and even execute code. Install the patch now.
Another zero-day being exploited
New 'Brokewell' Android Malware Spread Through Fake Browser Updates
Published Apr 26 2024 11:33 AM
Another instance of fake updates being used to spread malware. Be very careful before accepting the updates.
Fake updates again
Russian Hackers Exploiting Windows Print Spooler Vuln
Published Apr 26 2024 11:29 AM
Using a vulnerability known about for at least 18 months attackers have been able to compromise systems and even escalate privileges to steal credentials.
https://www.bankinfosecurity.com/russian-hackers-exploiting-windows-print-spooler-vuln-a-24929?rf=2024-04-24_ENEWS_SUB_BIS__Slot9_ART24929&mkt_tok=MDUxLVpYSS0yMzcAAAGSr4ul2yqPWIjl1u69Wa5V23_QzZNCcn15Pan6dbUoE__vtq5YgLJA4AuhJfOKVQQXer_JGKKD9KnccY40iIhNafrdR1v3o05O6e8BmZA0U5eU0LA6
SMB Cyber Myths
Published Apr 19 2024 10:10 AM
There are a number of myths that endanger Small and Medium size businesses, SMBs. Do you know what they are? And what to do about them? We tell you here.
Cyber myths are dangerous
Cisco Duo's Multifactor Authentication Service Breached
Published Apr 19 2024 10:08 AM
Multi-factor Authentication, MFA, is touted as far safer than passwords alone. However, there are different types of MFA. Some are much safer, and some are not. Here Cisco’s MFA has been breached. Know what to do.
Cisco MFA breached
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Published Apr 19 2024 9:55 AM
Kubernetes, the open source container software, is widely used and is now being exploited. If you use it, learn what to do.
Kubernetes being exploited
Facebookâs AI Told Parents Group It Has a Gifted, Disabled Child
Published Apr 19 2024 9:53 AM
In another example of an AI system issue, a parent enquired about advice for a gifted and disabled child. The AI system replied that it, the AI system, had a gifted and disabled child. All that these systems say should not be taken at face value.
AI system has a child???
Gamers Are Renting Their Idle GPUs to Generate AI Porn
Published Apr 19 2024 9:51 AM
Gamers typically use devices with high powered graphics engines. Now they are renting that capacity to cybercriminals to generate porn using AI systems.
Gamers renting idle GPUs for nefarious purposes