AI Enhanced Attacks
Published May 25 2023 10:19 AM
AI has many positive uses. But it also can be used to devious purposes. Without knowing the ways it is being used by cybercriminals, how can we lok to protect against them?
AI attacks growing
VMware’s ‘target-rich environment’ is growing more volatile, CrowdStrike warns
Published May 25 2023 10:16 AM
The popular virtual machine system, VMware has been the target of many attacks due to its vulnerability and wide-spread use. It has again been compromised.
VMware vulnerabilities still targeted
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
Published May 25 2023 10:13 AM
Microsoft IIS is again a target of cybercriminals. By compromising the IIS servers the hackers can distribute malware to all the users.
IIS again a target of hackers
Microsoft: BEC Attackers Evade 'Impossible Travel' Flags With Residential IP Addresses
Published May 25 2023 10:11 AM
Location is a way that cybercriminals are spotted. For instance, if their message makes them appear local but the IP address shows they are in a foreign country. Now they have figured a way around this by purchasing local IP addresses to use.
Location check faked
Scammers using Chatbot "Fleeseware" Apps to Cash In on AI Hype
Published May 25 2023 10:07 AM
Cybercriminals are already targeting people who want to use AI by offering a “free trial” to ChatGPT to steal their money.
ChatGPT popularity already a scam target
Shadow IT Increases Cyber Risk
Published May 19 2023 4:33 PM
Shadow IT, or anything not under the control of IT adds to cyber risks and puts the company at risk of breaches, information theft, fines from regulators, and reputational damage.
Shadow IT adds significant risks
Microsoft Azure VMs Hijacked in Cloud Cyberattack
Published May 19 2023 4:31 PM
Cybercriminals were able to bypass security and gain direct access to the Azure cloud.
Azure cloud security bypassed
WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
Published May 19 2023 4:28 PM
Apple issued patches for 2 of these at the beginning of the month and the third one now. Please patch your devices to be safe.
Critical Apple patches need to be installed
Lemon Group Uses Millions of Pre-Infected Android Phones to Enable Cybercrime Enterprise
Published May 19 2023 4:21 PM
The phones were infected before being sold. The cybercriminals now have access to everything on the phone and all messages which they offer for sale.
Pre-infected Android phones goldmines for criminals
Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched
Published May 19 2023 4:19 PM
The smart plug from Belkin used to control home appliances and devices has little to no cybersecurity protections. Hackers can control your appliances from outside your home.
Smart home control not so smart
Old Vulnerabilities Still Pose a Threat
Published May 12 2023 2:47 PM
While the newest vulnerabilities may capture the news and our attention, old ones are still being exploited. Failing to patch them leaves you vulnerable.
Don't forget old vulnerabilities
Microsoft Fixes Failed Patch for Exploited Outlook Vulnerability
Published May 12 2023 2:44 PM
A vulnerability in Microsoft Outlook was patched by Microsoft. Unfortunately, the patch contained a vulnerability and didn’t resecure Outlook. A second patch to fix the first patch was issued. Please be sure to apply both patches if you use Outlook.
Be sure to patch the Outlook patch
New Flaw in WordPress Plugin Used by Over a Million Sites Under Active Exploitation
Published May 12 2023 2:42 PM
WordPress is widely used and is also widely attacked and compromised. Please be sure you understand this compromise and install the patch issued on May 11.
Another WordPress compromise
Leak of Intel Boot Guard Keys Could Have Security Repercussions for Years
Published May 12 2023 2:40 PM
Intel is reporting a possible leak of signing keys for upgrading the firmware from MSI Gaming. If the leak is confirmed it means that the security to protect against counterfeit firmware upgrades has been seriously compromised.
Signing key leak may cause big problems
Twitter's Encrypted DMs Require Blue Subscription, Aren't Totally Secure
Published May 12 2023 2:37 PM
Twitter is undergoing many changes. One is the promise of encrypted DMs. However, when examined closely, there are some requirements and even then, it is not really encrypted end to end.
Twitter secure DM is not secure