Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII)
Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII) Seems like we always have a connected device somewhere within arm’s reach, whether it’s a smartphone, laptop, tablet, a wearable, or some combination of them all. In a way, we bring the internet along with us nearly wherever we go. Yet there’s something […] more…VMware SD-WAN Vulnerabilities Expose Enterprise Networks to Attacks
VMware on Wednesday patched a total of six vulnerabilities in its SD-WAN Orchestrator product, including flaws that can be chained by an attacker to steer traffic or shut down an enterprise network. read more more…Medical Care #FromHome: Telemedicine and Seniors
Medical Care From Home: Telemedicine and Seniors For weeks and even months now, millions of us have relied on the internet in ways we haven’t before. We’ve worked remotely on it, our children have schooled from home on it, and we’ve pushed the limits of our household bandwidth as families have streamed, gamed, and conferenced […] more…Date Night #FromHome Ideas
Date Night #FromHome ideas “So, what movie should we watch?” The dreaded question. Twenty minutes of “mmm, maybe” later, you settle on an old episode of “The Office” and call it good. If that sounds a little too familiar, this post is for you. With so many of us having date night at home, now […] more…FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce […] more…Saving Summer: 5 Strategies to Help Reign In Family Screen Time Over Break
It’s the most wonderful time of the year — for teachers and lifeguards. For everyone else (parents) we have a little prep work to do to make sure the summer doesn’t lull our kids into digital comas. Most of us have learned that given zero limits, kids will play video games, watch YouTube, send snaps, […] more…Former DHS Head Took up Cyber Despite White House Aversion
A top White House official told Kirstjen Nielsen, then Homeland Security secretary, not to bring up election security with President Donald Trump, steering her away from discussing a critical national security threat with a president who bristles at suggestions that Russian interference contributed to his 2016 victory, according to two people familiar with the matter. […] more…APT review of the year
What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s […] more…IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants, toys, appliances and other devices hitting the market and maybe even showing up in your own home. The sale of these “Internet-of-Things” (IoT) devices is expected to reach 600 million units this year[1] and, unfortunately, […] more…Dnsmasq: A Reality Check and Remediation Practices
Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Based on Censys and Shodan data, […] more…Oh No! 8 Signs that Grandma’s Getting Baited by a Catfish!
His name was Colonel Lance Shimmeroff. He was a retired U.S. Army officer and happened to be an ace Words With Friends player, according to my 75-year-old mother, who no one in the family could beat at the online game. They played the game often, and he impressed with his word combinations and witty banter. […] more…Ransomware Families Use NSIS Installers to Avoid Detection, Analysis
Malware families are constantly seeking new ways to hide their code, thwart replication, and avoid detection. A recent trend for the delivery of ransomware is the use of the Nullsoft Scriptable Install System (NSIS) with an encrypted payload. The list of the most common families using this technique is diverse and includes Cerber, Locky, Teerac, Crysis, […] more…Kim Dotcom faces extradition to the US
A New Zealand court ruled on Monday that internet entrepreneur Kim Dotcom could be extradited to the United States to face charges relating to his Megaupload website, which was shut down in 2012 following an FBI-ordered raid on his Auckland mansion. The Auckland High Court upheld the decision by a lower court in 2015 on […] more…Businesses as Ransomware’s Goldmine: How Cerber Encrypts Database Files
Possibly to maximize the earning potential of Cerber’s developers and their affiliates, the ransomware incorporated a routine with heavier impact to businesses: encrypting database files. These repositories of organized data enable businesses to store, retrieve, sort, analyze, and manage pertinent information. When utilized effectively they help maintain the organization’s efficiency, so holding these mission-critical files […] more…Badlock, another ‘major’ security bug that puts profits before patches
Some have accused the developer of profiteering by publicly revealing a vulnerability that amounts to effectively fixing their own code. more…Malicious Adware Uses Certificates to Disable Security Products
A piece of malicious adware dubbed “Vonteera” tricks the operating system into thinking that digital certificates from security companies are untrusted in an effort to prevent anti-malware products from blocking it. read more more…More information
- HPE Says Personal Information Stolen in 2023 Russian Hack
- Cisco Patches Zero-Day Flaw Affecting Routers and Switches
- BrandPost: Getting the Most Out of Your Computing Investments
- BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol
- Router Company Lazily Blocks Open Source Router Firmware, Still Pretends To Value ‘Creativity’
- BoostSecurity Exits Stealth With DevSecOps Automation Platform, $12M in Seed Funding
- AT&T Backs Away From Deal to Supply China Made Huawei Phones
- Chipmaker Intel Corp. Blames Internal Error on Data Leak
- How to Make Your Own Hand Sanitizer
- Juniper Junos CVE-2019-0064 Denial of Service Vulnerability