Insights

What is Doxing and Why Should You Care

Doxing is not an innocent action. It can cause significant damage to someone and may lead to death. Doxing is a crime of revenge and needs to be taken very seriously. 

Doxing is way more serious than it sounds


ChatGPT Opens New Opportunities for Cybercriminals: 5 Ways for Organizations to Get Ready

ChatGPT is an AI powered chatbot useful for creating realistic chats to be used for many purposes. However, if hacked, it can produce very realistic phishing questions and for other nefarious purposes. 

AI enabled chatbot creates great risks


Malware Comes Standard With This Android TV Box on Amazon

A bargain priced TV box from Android looked like a good deal. But investigations showed it contained multiple instances of malware. Installing the box released the malware which contacted malware servers to download more malware. 

Android TV box comes with malware installed


Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

An exploit of ManageEngine is about to be released publicly. Your best defense is to install the patch released by Zoho and close the security hole.    

Patch before the exploit is released publicly


Phishing – Still Incredibly Successful

Phishing is a technique used by cyber criminals to steal information or download an infection. It has been around for years, and much effort has gone into protecting against it. But it still succeeds far too often.

 

Phishing still too successful


98 Patches: Microsoft Greets New Year With Zero-Day Security Fixes

A New Year and a new set of patches. Microsoft released patches for a large number of security vulnerabilities. Be sure and install them quickly. 

 

A New Year and many new patches


Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available

The flaws found in the Cisco SMB router are critical and because the devices affected have reached end-of-life, Cisco will not patch them. If you use any of the affected devices, this may be a good time to consider updating your equipment. 

 

Serious Cisco SMB Router flaw will not be patched


Identity Thieves Bypassed Experian Security to View Credit Reports

Experian is one of the big 3 credit rating companies. The information they gather is necessarily sensitive. Now it has been compromised. 

 

Experian security breached


Attackers Are Already Exploiting ChatGPT to Write Malicious Code

ChatGPT is an AI powered chatbot. Security people said it would be exploited for nefarious purposes back in November 2022 when ChatGPT was introduced. Sadly, they were right.   

 

ChatGPT already being exploited


What’s Next for 2023

Cyber attacks keep evolving. This Insight looks at the predicted targets for 2023 and what you need to do now to prepare. 

 

Cyberattacks to watch for in 2023


Why Security Teams Shouldn't Snooze on MFA Fatigue

Our piece on MFA included the risks of MFA fatigue and how to combat it. This article supports our warning and suggested recommendations. 

 

More on the risk of MFA fatigue


Godfather Banking Trojan Masquerades as Legitimate Google Play App

This cyberattack put a corrupted copy of a real Google Play app that many have downloaded on the Google Play store. Many downloaded it thinking they were getting the real app and wound up with a banking trojan on their system. 

 

Corrupt copy of real app gets downloaded


Latest breach of Okta’s GitHub repositories raises concerns about broader supply chain attack

While we have no evidence to doubt Okta saying the breach didn’t jeopardize any customer information, there is still a lingering doubt about cybercriminals having source code and the impact of supply chain compromises.

 

Will the source code breach lead to supply chain breaches?


Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit

Microsoft’s mitigations for ProxyNotShell helped but were only meant as a stopgap solution. Be sure to install the update. 

 

Be sure to install the update!


Do Cyber Incidents Change Consumer Behavior?

The expected abandonment of breached companies didn’t happen. But now consumers are pushing back and demanding more control over their data.  

 

Cyber incidents and consumer behavior