Securely Connecting People Places & Things!
Securely Connecting People Places & Things!
In today’s digital world, safeguarding your organization’s online assets is critical. Unfortunately, poor password hygiene practices by some employees cause problems for many small businesses, leaving them vulnerable to hackers. Cybercriminals are constantly trying to find new ways to break into business systems. Sadly, too often, they succeed thanks to weak passwords. In fact, nearly […]
Why Passwords are Your Business’s Weakest Point Read More »
Foreign actors may intensify efforts to influence outcomes of the 2022 midterm elections Posted: October 15, 2022 by Malwarebytes Labs In less than four weeks, the balance of power in the US House of Representatives and Senate will be up for grabs, along with a host of gubernatorial seats, and positions at the state and municipal levels. With
FBI, CISA warn of disinformation ahead of midterms Read More »
In a joint cybersecurity advisory, the National Security Agency (NSA) Posted: October 13, 2022 by Malwarebytes Labs In a joint cybersecurity advisory, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have revealed the top CVEs used by state-sponsored threat actors from China. The advisory aims to “inform federal and
Chinese APT’s favorite vulnerabilities revealed Read More »
Microsoft fixed 84 vulnerabilities in its October 2022 Patch Tuesday updates Posted: October 12, 2022 by Pieter Arntz . Thirteen of them received the classification ‘Critical’. Among them are a zero-day vulnerability that’s being actively exploited, and another that hasn’t been spotted in the wild yet. The bad news is that the much-desired fix for the “ProxyNotShell” Exchange vulnerabilities was
Posted: October 6, 2022 by Pieter Arntz Several vulnerabilities have been patched in the Google Android operating system (OS), the most severe of which could allow for arbitrary code execution. None of the vulnerabilities have been spotted in the wild. Operating systems contain and manage all the programs and applications that a computer or mobile device is able to run. The
Android vulnerabilities could allow arbitrary code execution Read More »
Insider threats are among the most dangerous cyberthreats out there. Yet, organizations of all sizes seem to be either reluctant or negligent when it comes to fighting them. Even though some companies have an insider risk management program, they have a limited cybersecurity budget for mitigating insider risk.1 Simply having an insider risk management program
Defense Strategies to Combat Insider Threats Read More »
Posted: September 28, 2022 by Christopher Boyd There’s a new slice of malware-as-a-service doing the rounds, although its actual newness is somewhat contested. The stealer, called Erbium, was first spotted on forums back in July 2022, but it seems nobody is quite sure when it started being deployed and snagging victims. Nevertheless, it is now happily causing chaos for
Erbium stealer on the hunt for data Read More »
Posted: September 26, 2022 by Pieter Arntz WhatsApp has fixed two remote code execution vulnerabilities in its September update, according to its security advisory. These could have allowed an attacker to remotely access a device and execute commands from afar. These versions of WhatsApp are affected by at least one of the vulnerabilities: WhatsApp for Android prior to v2.22.16.12 WhatsApp
Critical WhatsApp vulnerabilities patched: Check you’ve updated! Read More »
Posted: September 22, 2022 by Christopher Boyd Last week we learned that ride-sharing giant Uber’s defences had been unpicked by an attacker with a novel take on social engineering: Fatigue. Fatigue attacks play on the often repetitive nature of certain security procedures and failsafes. Do you hate having to punch in a password on your login screen every time you
Welcome to high tech hacking in 2022: Annoying users until they say “yes” Read More »
Posted: September 22, 2022 by Malwarebytes Labs The US FDA (Food and Drug Administration) has warned users of Medtronic’s MiniMed 600 Series Insulin Pump System—specifically, models for MiniMed 630G and MiniMed 670G—that their medical devices have a cybersecurity issue with its communication protocol. If compromised, attackers could gain unauthorized access to the pump system itself, and alter it to deliver too
Medtronic’s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA Read More »