Insights
Information posted on social media is never private or safe. This was brought home when Facebook’s sale of information to a company that exploited private information was made public. Now the Chinese government is using sophisticated software to monitor people and companies for anything they consider sensitive. Learn how to protect your information.
Google Docs is a widely used word process package. Now, hackers are using the comments feature of Docs in an attempt to get users to click a malicious link.
The threat of the Log4j issue has been widely publicized and written about here. As it is a feature of systems and not a bug, there will be no “fixes” but there are ways to protect against it. Now the Federal Trade Commission is stepping in to convince companies to take the necessary steps to protect information.
Mitigating Risks Taken to New Level
A reboot is a common way to remove malware from phones. But hackers found a way to “fake” a reboot so the iPhone owner believes it has been rebooted but the malware stays in place.
The New York Office of the Attorney General has been monitoring sites used by hackers. They discovered compromised information and notified 17 restaurant chains, retailers, and food delivery services that the information of their customers has been compromised by the use of credential stuffing, a technique where compromised passwords are tried on other sites.
Zero Trust is a different security model that is a better fit for the new computing model of BYOD, Work From Home, and cloud computing. Despite its name, it enhances trust making information more secure than the older models.
This has not been a good time for Apache. First the Log4J critical vulnerability and now this one. Learn more here but patch it asap.
In a new wave of attacks cybercriminals are shutting down smart building automation systems. In some cases they take control of the individual control devices and regaining control is not easy.
This article discusses the importance of coordinated defenses at the company and government level to be effective. But it also points out that if ransomware is stopped cybercriminals will focus on new ways to make money such as selling stolen data on the Dark Web.
A new variant of the Phorpiex botnet emerged recently that operates as a peer-to-peer network making it harder to bring down. It functions to change the payment destination in legitimate cryptocurrency payments to ones owned by the cybercriminals.
AI and ML systems are being widely adopted because of the benefits and increased productivity they offer. But then also add to risks exactly because of the benefits they offer.
Log4J are features of the Java system that have been there for years. Being features, they aren’t vulnerabilities to fix. The first fix released was incomplete so be sure to use the latest one.
The Log4J series of vulnerabilities are very serious. This article offers ways to identify vulnerable systems. Be sure to install the latest patches as the frit set were not complete.
This season is a prime shopping season and a prime cybercrime season. If is also when staff are most busy and likely to miss things. The attacks take many forms. Here are some tips to help protect against them.
Kronos is a leading human resources company with widely used time reporting and payroll systems. The successfully ransomware attack means that many companies cannot process hours reported or payroll.