Monthly Archives: February 2019


Cisco SOHO VPN Firewalls Vulnerable To Remote Code Execution

Cisco recently released several software security updates for the Cisco RV wireless VPN firewalls and routers to patch a remote code execution flaw (CVE-2019-1663) that can be exploited by malicious HTTP requests.

 
The Vulnerable Products
This vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases:
  • RV110W Wireless-N VPN Firewall
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

“The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”

Cisco did not mention whether any public exploit code for the vulnerability was available in the wild.

The flaw is quite … Read the rest


What is HIPAA used for?

Most of us already know the basics of HIPAA and what the acronym stands for: Health Insurance Portability and Accountability Act, which was passed by Congress in 1996. Now we can move on to the real question: what is HIPAA used for?

  • Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
  • Reduces health care fraud and abuse;
  • Mandates industry-wide standards for health care information on electronic billing and other processes; and
  • Requires the protection and confidential handling of protected health information

HIPAA is organized into separate “Titles.” For information on the HIPAA Titles, read below.

Title I: Health Care Access, Portability and Renewability

HIPAA Title I of the Health Insurance Portability and Accountability Act of 1996 protects health insurance coverage for workers and their families when they change or lose their … Read the rest


New Phishing Trick That Can Bypass Email URL Filters

Hackers have come up with a new phishing trick that makes Office documents carrying malicious links undetectable by many email security services: they delete the links from the document’s relationship file (xml.rels). Security professionals have seen this trick in email spam campaigns, where the URLs direct victims to a credential-harvesting login page.

How does it work?

What makes up an Office document? “Office documents (.docx, .xlsx, .pptx) are made up of a number of XML files that include all the font, image, formatting, and object information which make up the document,” Avanan researchers explain.

The xml.rels files map the relationships within these document files and with resources outside of them. When a document includes web links, they are added to the xml.rels files.

How does your spam filter or antivirus go about … Read the rest


UniFi Video Surveillance System Is The Best

The UniFi Video Surveillance System has the best balance between flexibility and ease of use. Ubiquiti designed UniFi Video to provide continuous monitoring capabilities with a ton of options to fine-tune and customize both the video recorder system and network cameras. The shortfall is that UniFi Video does not yet support geo-fencing or advanced motion detection that can differentiate between a person and an animal. However, unique features such as continuous automated firmware and software updates, support for Power-over-Ethernet (PoE), on-premise video storage, and flexible multi-user support make UniFi Video a favorite among tech-savvy users and a great solution for your business.

UNIFI VIDEO PLATFORM

UniFi delivers scalable, enterprise-grade video surveillance with disruptive pricing, plug-and-play installation, and powerful remote viewing software that is easy to use and configure and can be accessed from your computer, tablet or phone.

UniFi Video Surveillance Equipment

Ubiquiti Networks UniFi Cloud Key G2

 

Read the rest

Free PC Patch Manager

Patch My PC Updater Overview

Patch My PC Updater is a free, easy-to-use program that keeps over 300 apps up to date on your computer. It not only checks for out-of-date software, it can also install the software automatically for you.

To stay safe online you have to keep your third-party software updated and patched at all times. There are many attack surfaces out there, and exploiting known flaws in third-party software is what hackers love to do. Outdated software often contains security vulnerabilities, bugs, and performance issues that are often resolved in the latest version. These are some of the reasons why it’s essential to keep your software updated.

How will it work?

Once you download the software and open Patch My PC Updater, it will scan your system for outdated programs.

  • Programs that are outdated will be shown in red
Read the rest

Users Affected by 19 Year Old WinRAR Flaw

WinRAR is urging users to update one of the world’s most popular compression programs. It had a flaw that has affected 500 million users over the past 19 years, and a patch for this flaw has finally been released.

What is the vulnerability?

The UNACEv2.DLL vulnerability was discovered by security researchers from Check Point Software, who noted that it impacts all WinRAR versions released in the last 19 years. The vulnerability allows a hacker to deliver a compromised compressed file to a user; once the user unzips the file, it allows malware to be placed into the Windows startup of the computer and executed.

WinRAR has released WinRAR 5.70 Beta 2, which will address this vulnerability, tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers.

Read the rest

Data Breach At UW Medicine

The data breach at Seattle’s UW Medicine exposed around 974,000 patient records. The files that were public on the web did not contain anything too revealing: no medical or financial information or Social Security numbers were available to be read. The content that was exposed consisted of names, medical record numbers and descriptions.

How did this happen? A public-facing server that hosts their websites had a vulnerability that made internal files searchable on the internet. The good news is that corrective actions have been taken and the files are no longer available.

 

“UW Medicine became aware of a vulnerability on a website server that made protected internal files available and visible by search on the internet on Dec. 4, 2018,” spokeswoman Susan Gregg said in a statement. “The files contained protected health information (PHI) about reporting that UW Medicine is legally required to track, such as reporting to various

Read the rest

Have I Been Compromised Online?

So, you’re clicking around on the internet, come across news of compromised companies, and now you’re wondering: have I been compromised online? Are my usernames and passwords available online? Unfortunately, the answer is that your information is probably on the dark web, up for grabs for anyone to take.

 

Data breaches have become quite common, and there isn’t anything you can do about other companies’ security and how they practice their cyber security protections. It is astonishing how many websites are hacked every day; if you’re registered on any given website, you’re taking a gamble.

Web Hosting/Website Statistics and Facts 2019 from hostingfacts.com 

  • As at December 2018, there are approximately 1.94 billion websites in the world.
  • The world’s first website was published on August 6, 1991 by British physicist Tim Berners-Lee.
  • 8 percent of all Internet traffic comes from bots, while only 48.2 percent of internet traffic
Read the rest

Trickbot can now obtain your remote access credentials

The banking Trojan called Trickbot has an updated ability and can now harvest your usernames and passwords from remote access applications. This would allow the hacker to remote into systems using the usernames and passwords obtained.

TrendMicro Analysts stated “The malware arrives via an email disguised as a tax incentive notification from a major financial services company. This email includes a macro enabled (XLSM) Microsoft Excel spreadsheet attachment (detected as Trojan.W97M.MERETAM.A) that purportedly contains the details of the tax incentive. However, as these attachments usually go, this macro is malicious and will download and deploy Trickbot on the user’s machine once activated.”


The figure below is the email that someone will receive with the malware payload disguised as an attached Excel document. Please be vigilant: don’t open an attachment unless you know who it is from and are expecting it.

 

You can be safer by following the best … Read the rest


Best Home Lab For SysAdmins

This home lab is great for anyone who is just starting off their IT career and looking to get a step up in knowledge by chasing after it. If you’re a SysAdmin already, get yourself a lab anyway, because the more you know the better.

Having a home lab builds your confidence because you obtain the technical know-how for deploying new infrastructures. You gain confidence because you have created the environments you currently work with, or you create an environment similar to a client’s in your home lab; then you learn what could happen and what will happen, and how to go about troubleshooting, setups and migrations. As someone that has their own Home Lab, I do know the benefits of it and what knowledge you would gain from it. As an employer, I ask every interviewee if they have a home lab or not because this lets me know … Read the rest
