CISA & FBI Releases Ransomware Awareness for Holidays and Weekends
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned of a rise in holiday and weekend related ransomware attacks. The reason: They can catch businesses by surprise and cause major damage. holiday ransomware awareness report.
The report stated: “The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months,”
WhatsApp Photo Filter Security Flaw
Users should be careful about the pictures they view on WhatsApp. If a user receives a picture from a malicious third party, the picture could be edited in such a way that the app could read sensitive data from the memory of the app. In addition, users should update their apps to get the latest security fixes.
WhatsAppAccording to security research firm Check Point, a vulnerability has been found in WhatsApp. The issue causes the app to crash when a user receives certain images. These images are crafted to take advantage of visual effects such as color changes, saturation adjustments, and other alterations.
The bug (CVE-2020-1910) carries a severity rating of 7.8 out of 10. It’s due to a memory corruption error, the firm said – and more specifically, an out-of-bounds read-and-write issue. Typically, this kind of bug can allow attackers to read sensitive information from other … Read the rest
Understanding Hacker Motives
Not all cases are clear-cut. Even when you know how something happened, there’s usually more than one way to interpret the events. Cyber crime is a good example. Investigators often spend a lot of time trying to understand why the crime occurred in the first place. They ask questions like “why did the perpetrator do it?” And “what was their motive?” Even when you can’t answer these questions, trying to understand the why is still useful.
Personal Identifiable Information
Known simply as PII, this data includes a long list of items that can specifically identify an individual, such as full names, home addresses, and national ID numbers (to name just
The Tiers of HIPAA violations
If you violate HIPAA, you will be fined. The penalty fee is determined by how serious the violation is. However, most cases are solved with a technical guidance from the OCR or agreeing to change your policy and procedures to prevent future violations. Financial penalties for HIPAA violations are reserved for the most serious violations of HIPAA Rules.
What Happens if you Violate HIPAA? – HIPAA Violation Classifications
What happens if you break HIPAA? Well, that depends. The Office for Civil Rights prefers to resolve violations using non-punitive measures, such as with voluntary compliance or issuing technical guidance to help covered entities address areas of non-compliance. But more serious violations may result in corrective action, such as termination of your business or even criminal charges.
The four categories used for the penalty structure are as follows:
- Tier 1: A violation that the covered entity was unaware of and could not
Keep Your Home Office Safe And Secure
I am sure we can all say that working from home is great but it poses a whole new set of cyber security challenges and without the convenience of in-house technical support, it can be a problem it’s not like a corporate tech will just go to your house. Here are a few cyber security housekeeping steps to consider to ensure your new office is safe and secure.
Many vendors provide you with a router or if you purchase them in the store make sure to follow these 5 steps.
Log in to your router to access its settings, if you’re unsure how to log in, look at your routers make and model and then you can use that to search the internet for articles or YouTube for videos.
Change the SSID (Service Set Identifier). The SSID is the name of your wireless network. Use WPA instead of WEP Wifi
How To Downgrade Or Update Unifi UAP Firmware
If you are having problems your Unifi wireless access points it could be do to a bug in the firmware. In this tutorial you will be shown how to downgrade or update the Unifi UAP firmware.
How to Downgrade or update firmware.
- Log into your Unifi Controller.
- Make sure that Auto Update is disabled
- Settings > Site > Services , uncheck Automatically Upgrade Device Firmware.
- Also check scheduled upgrades. Settings > Services > Scheduled Upgrades and remove them.
- On the left hand side menu Click on Unifi Device Icon
- Click on the the wireless access point you would like to start with so the side menu expands to display a GUI like below.
- Click on the gear\config icon
- Scroll down to the bottom and expand MANAGE DEVICE
- In the Custom upgrade section use the copy/paste the firmware version you would like to use, for example: https://dl.ui.com/unifi/firmware/U7PG2/4.3.20.11298/BZ.qca956x.v4.3.20.11298.200704.1347.bin
Note: if you
FBI says that hackers are hijacking online food and agriculture accounts
The FBI has a warning for companies in the food and agriculture industries: Hackers are using the tactic known as credential stuffing to hijack your online accounts and drain your cash. The FBI’s Cyber Division recently sent a Private Industry Notification to businesses in these sectors, warning them that hackers have been targeting accounts at grocery stores, restaurants, and food-delivery services.
In the agency’s report, it said that cybercriminals are using stolen passwords at one company to log into another company’s account. They do this hoping that customers had used the same password for both accounts. Cybercriminals usually use automated tools and proxy botnets to attack multiple companies, including grocery and food delivery services.
The FBI warned that companies can be unaware of account compromises until customers complain that their accounts have been compromised. For example, a customer might notice suspicious activities on their accounts such as food orders for … Read the rest
Fortinet Vulnerability Allows Firewall Takeovers
A critical security bug in a web application firewall (WAF) platform has been disclosed. It could allow privilege escalation and full device takeover. The bug, in the FortiWeb platform, is found in a WAF OS command-injection vulnerability. A patch will be available at the end of the month.
FortiWeb is a cybersecurity defense platform that protects business-critical web applications from attacks and vulnerabilities in the new world of cloud computing. It’s always been able to keep up with new technologies, such as the deployment of new or updated features, or the addition of new web APIs.
The bug (CVE pending) exists in FortiWeb’s management interface (version 6.3.11 and prior), and carries a CVSSv3 base score of 8.7 out of 10, making it high-severity. It can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page, according to Rapid7 researcher William Vu who … Read the rest
How To Create Strong Passwords
Passwords represent one of the most important and most misused forms of security. I say these passwords are misused because even in a world where everyone is concerned about cyber security and getting hacked, people still create weak, easy-to-crack passwords. Below are some common concepts to consider when creating passwords.
Password Length
The longer a password is, the harder it is to crack. Many security professionals recommend 16 unrepeated characters.
Symbols Numbers, and Letters
While it’s true that complex passwords are difficult to guess, they’re also difficult to remember. Avoid complicating your passwords with random characters unless required.
Password Managers
A password manager can generate, save, and sync passwords across multiple devices. It’s a handy application that removes the hassle of having to remember all of your login credentials, and prevents bad habits like writing passwords down a or storing them in unsecure documents.
Changing Passwords
While tedious, it’s smart
The Best USB 3.0 to Ethernet Adapter Is Given To TP-Link UE300
I have the best USB 3.0 to Ethernet Adapter! I know from experience and I do not take that lightly I have gone through about 10 different brands. The TP Link UE300 is a Gigabit Ethernet Adapter is the best performing and stable adapter on the market.
My other adapters would work on some computers and not others which is absolute nonsense. Some of them would completely disconnect if it was under too much load from data transfer. I have one cause some sort of surge and destroy a USB port on a laptop, not a happy day it was the only USB port on the device.
TP Link UE300 is a Gigabit Ethernet Adapter is not only the best performing and most stable it also has a very competitive price. Only no brand adapters can come close to its price. However those no brand or off brand adapters are
Loading ...