SMB Cyber Myths

There are a number of myths that endanger Small and Medium size businesses, SMBs. Do you know what they are? And what to do about them? We tell you here. 


Cyber myths are dangerous



Cisco Duo's Multifactor Authentication Service Breached

Multi-factor Authentication, MFA, is touted as far safer than passwords alone. However, there are different types of MFA. Some are much safer, and some are not. Here Cisco’s MFA has been breached. Know what to do. 


Cisco MFA breached

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

Kubernetes, the open source container software, is widely used and is now being exploited. If you use it, learn what to do. 


Kubernetes being exploited

Facebook’s AI Told Parents Group It Has a Gifted, Disabled Child

In another example of an AI system issue, a parent enquired about advice for a gifted and disabled child. The AI system replied that it, the AI system, had a gifted and disabled child. All that these systems say should not be taken at face value. 


AI system has a child???

Gamers Are Renting Their Idle GPUs to Generate AI Porn

Gamers typically use devices with high powered graphics engines. Now they are renting that capacity to cybercriminals to generate porn using AI systems. 


Gamers renting idle GPUs for nefarious purposes

AI Hallucinations May Be Used by Cybercriminals

AI systems are still hallucinating despite vendors saying they will fix it. The latest is hallucinating software packages in the libraires used to distribute the packages. A researcher uploaded a package with the AI hallucinated name and it was downloaded over 35,000 times, showing the suggestions by AI systems are often not checked before being used. 


AI hallucinates fake software packages

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

A newly discovered flaw in Palo Alto PAN-OS received a CVSS rating of 10, the most severe given. A patch is available to some customers. Install it immediately. If you don’t subscribe to the Threat Preventions service contact Palo Alto and ask what to do. 


Palo Alto vulnerability gets most serious rating

XZ Utils Scare Exposes Hard Truths About Software Security

These are open source utilities used to compress data and included in the major Linux distributions. However, they have a back door installed by cybercriminals. 

A stark reminder that ultimately users of open source are responsible for security. 


Users responsible for open source security

Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data

A newly discovered phishing campaign is installing multiple RATs, Remote Access Trojans that let attackers take over Windows systems. The RATs have devious ways to avoid anti-malware packages. The phishing emails vary but include corrupt attachments that install the RATs. 


Phishing campaign avoids detection

LG Smart TVs at Risk of Attacks, Thanks to 4 OS Vulnerabilities

Recently discovered vulnerabilities in LG TVs let attackers take over the set. They can use the set microphone and camera to watch and listen to you. They can also steal the information gathered by the set. Be sure to update to the newest version of the software. 


LG TVs watching you

Obituary Scams Aided By AI

Cybercriminals are using AI to create fake obituaries. Their goal is to get you to go to the fake obituary site. Then you will have malware downloaded to your device or become the victim of another type of fraud. Be careful!


Be sure that obit is not a scam

Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed

Ivanti has been troubled by numerous vulnerabilities recently. Some of them serious. A security overhaul is needed. 


Better late than never

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

WordPress is a popular platform for creating websites and managing content. But it is also a favorite target of cybercriminals. A recent vulnerability in a plugin was exploited to expose 1 million sites. It may be popular, but be careful.


Popular yes Risky also yes

Feds to Microsoft: Clean Up Your Cloud Security Act Now

Last year attackers hacked the email accounts of government and business officials stealing valuable information. The investigation found Microsoft was to blame for failing to take cybersecurity seriously in its products used by so many worldwide. Now the government is telling them to put cybersecurity first, before new features or other product changes. Time will tell. 


Gov't to MS: Security before features

Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case

Google is going to get rid of information about Chrome users after losing a court case. This is a good step. But it revealed how much information they gathered even about people using their private browsing option in Chrome. 


Private wasn't private