image
Patrick Domingues

Monthly Archives: October 2021


How Can Businesses Prevent Common Wireless Network Attacks?

If you’re a business owner, how do you keep your wireless network secure from today’s most common online threats? While it may be difficult to prevent hackers from creating fake WiFi hotspots, there are steps you can take to protect your business.

Isolate the Guest Network

If your business WiFi is not isolated from your guest WiFi, it could be used to gain access to business data and place your POS at risk of compromise. Use a router that offers multiple SSIDs – most modern routers have that functionality. These routers often have a guest SSID option or separate guest portal. Make sure it is activated when it is deployed. Alternatively, your wireless network could be compromised by an attacker who is already on the guest WiFi.
 

Encrypt WiFi Traffic with WPA2 or WPA3

If you have a router that is not WPA2 compliant, it is time for an upgrade.
Read the rest
Security Awareness

Hashthemes Demo Importer WordPress Plugin Vulnerability

The Hashthemes Demo Importer and is found in more than 8,000 blogs, according to researchers at Wordfence. It’s a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use the demo importer as a tool to wipe out content on any WordPress site.

The HashThemes Demo Importer plugin allows you to easily import demos for WordPress themes with a single click. It also has no dependencies such as XML files, .json theme options, .dat customizer files or .wie widget files.
 
 
A security researcher named Ram Gall from Wordfence said that he reported the bug to the developer of the plug-in on Aug. 25. However, the developer did not respond for nearly a month. So, he got in touch with the WordPress team Sept. 20.
 

WordPress Yanks Plugin, Puts Out Fix

 
On the same day, the WordPress team removed the
Read the rest
Vulnerabilities
UniFi Tutorials

How to configure Windows Server and Unifi Controller for RADIUS Wifi access

In this tutorial you will be shown how to configure Unifi Controller and Windows Server for RADIUS Wifi access. Why is this useful? Well this allows us to just disable a user account in Active Directory after a termination and the previous employee will no longer have Wifi access. This will prevent Tech Support having to change the Wifi password every time an employee is terminated.

 

 

Prerequisites for this tutorial.

  1. Internal Unifi Controller, I myself am using a UDM-PRO for that function.
    • You can use a Cloud Hosted Unifi Controller but you will need to open radius ports on your firewalls wan. Your network firewall should be configured to only allow incoming traffic from your Unifi Hosted Controllers IP address to access the Radius ports.
  2. Your Unifi equipment should be assigned static IP addresses outside your DHCP Scope. Once done write down the IP addresses alongside their model or unique
Read the rest
Tutorials

Social Media Red Flags

In this new Internet age, consumers are spending more and more time online. Every time you sign up for a social media account, post a picture, or update your status, you are sharing information about yourself. How can you be proactive and “Do Your Part. #BeCyberSmart”? These simple steps will help you connect with confidence and safely navigate the social media world.

Common Red Flags

 

Someone you don’t know following you or your co-workers inside the office.

Actions to Stay Safe

Contact security about unknown individuals.

 

Someone looking at your screen or watching what you type.

Pay attention to your surroundings and safeguard organizational information.

 

Someone you don’t recognize looking through a desk.

Keep confidential information and devices locked-up/secured when not in use.

 

Social media connection requests from someone you don’t recognize.

Don’t accept unsolicited requests; report them to the service.

 

Receiving an unusual request from someone you know.

Read the rest
Security Awareness

10 Ways To Improve Cyber Security Awareness

Cyber security is a big deal. If you’re not taking it seriously, you’re probably going to get hacked. Cyber criminals can trick employees into giving them access to sensitive information. For example, 90% of all cyber attacks are caused by human error. That’s why companies need to make sure employees know about how to protect themselves and their company on the internet.
 
To protect your company from cyber threats, you must educate and empower your employees. You can achieve this by taking the right steps to improve their cyber security awareness.
 
In this article, I share 10 ways to help you improve your cyber security awareness program.
 
 

Achieve CEO and Leadership Buy-in

 
The recent rise of cybercrime has led to an emphasis on cyber security in the boardroom. As companies realize how much data is at risk, they’re now forced to manage their cyber risks. The number of data breaches
Read the rest
Security Awareness

One in three IT security managers don’t have a cybersecurity incident response plan

According to the Data Security Report, information security incidents are more prevalent than ever, especially for businesses. Security breaches are no longer the fault of the careless employee, but rather attackers who specifically target companies, looking for vulnerabilities that they can exploit.

In a survey of over 900 employees, the top three security threats identified were: increasingly severe ransomware attacks, more effective phishing schemes, and rampant reusing of passwords.

  • Respondents reported a significant increase in the effectiveness of phishing emails. In surveys, they said that these emails are now much harder to spot, and thus much more dangerous.
  • Ransomware attacks have increased by 25% over the past year. This is especially true for businesses in the banking, financial services, and construction industries. Receiving a ransom demand was significantly higher than average for these businesses.
  • What was revealed in a report is something everyone should know. The study showed that
Read the rest
Security Awareness

How to Build a Incident Response Plan in 7 Steps

According to a recent report, almost all companies have experienced at least one cloud data breach. The report also found that companies were more aware of the cloud security threats and that 60% of them considered lack of visibility and inadequate identity and access management as a major threat.
 
 
Cyber-attacks are not rare anymore. They’re happening all across the world. The bad guys are getting smarter and sneakier. Their attacks are well-planned and devastating. And the victims of these attacks? They’re not just big companies. They’re small businesses, too. Whether you know it or not, you, too, could be a victim of cybercrime at any time. But don’t worry! There’s a solution to this online security epidemic. See if you can guess what it
 
 
Now more than ever, organizations must protect themselves against hackers. They’re clever. They know how to access accounts with weak passwords. Or they know how to
Read the rest
Security Awareness

Google Chrome Releases Two Zero Day Patches

Google has released an emergency update Chrome 94.0.4606.71 that fixes two zero-day vulnerabilities being exploited in the wild. These are the second and third zero-day vulnerabilities found this year. A total of twelve zero-days have been found in the browser since January. The new version will be released on all three platforms, Windows, Mac, Linux, to fix these issues.
 

Google stated the following:

“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,”
 
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in Thursday’s security update. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
 
 

Here are details on the two zero-days:

  • CVE-2021-37976 Google Project Zero found a bug in a critical component of Chrome. The bug was
Read the rest
Vulnerabilities

Available On Amazon

Polls

What tutorials do you prefer?

View Results

Loading ... Loading ...

Categories

Archives

Subscribe Today

Want to know when new posts are published? Enter your email & click on that subscribe button.

Stay Informed

Receive instant notifications when new content is released.