image
Patrick Domingues

Fortinet Vulnerability Allows Firewall Takeovers

A critical security bug in a web application firewall (WAF) platform has been disclosed. It could allow privilege escalation and full device takeover. The bug, in the FortiWeb platform, is found in a WAF OS command-injection vulnerability. A patch will be available at the end of the month.

 

FortiWeb is a cybersecurity defense platform that protects business-critical web applications from attacks and vulnerabilities in the new world of cloud computing. It’s always been able to keep up with new technologies, such as the deployment of new or updated features, or the addition of new web APIs.

 

The bug (CVE pending) exists in FortiWeb’s management interface (version 6.3.11 and prior), and carries a CVSSv3 base score of 8.7 out of 10, making it high-severity. It can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page, according to Rapid7 researcher William Vu who … Read the rest

Vulnerabilities

How To Create Strong Passwords

Passwords represent one of the most important and most misused forms of security. I say these passwords are misused because even in a world where everyone is concerned about cyber security and getting hacked, people still create weak, easy-to-crack passwords. Below are some common concepts to consider when creating passwords.

 

Password Length

The longer a password is, the harder it is to crack. Many security professionals recommend 16 unrepeated characters.

Symbols Numbers, and Letters

While it’s true that complex passwords are difficult to guess, they’re also difficult to remember. Avoid complicating your passwords with random characters unless required. 

Password Managers

A password manager can generate, save, and sync passwords across multiple devices. It’s a handy application that removes the hassle of having to remember all of your login credentials, and prevents bad habits like writing passwords down a or storing them in unsecure documents. 

Changing Passwords

While tedious, it’s smart

Read the rest
Security Awareness

The Best USB 3.0 to Ethernet Adapter Is Given To TP-Link UE300

I have the best USB 3.0 to Ethernet Adapter! I know from experience and I do not take that lightly I have gone through about 10 different brands. The TP Link UE300 is a Gigabit Ethernet Adapter is the best performing and stable adapter on the market. 

My other adapters would work on some computers and not others which is absolute nonsense. Some of them would completely disconnect if it was under too much load from data transfer. I have one cause some sort of surge and destroy a USB port on a laptop, not a happy day it was the only USB port on the device. 

TP Link UE300 is a Gigabit Ethernet Adapter is not only the best performing and most stable it also has a very competitive price. Only no brand adapters can come close to its price. However those no brand or off brand adapters are

Read the rest
Reviews

A 5 step plan to prepare and protect your business from Cyber Crime

The world economy loses more than $1 trillion to cyber-crime every year.

$1 trillion!

That’s a lot of money. And it’s a figure that’s increased by more than 50% since 2018.

In 2019, two thirds of all organizations reported some type of incident relating to cyber-crime.

You could make a sure bet this figure rose significantly last year, thanks to criminals taking advantage of the pandemic.

It’s easy to look at big figures like these, and not relate them back to your own business.

But here’s the thing. The average cost of a data breach to a business is estimated to be around $500,000.

The most common types of crime are ransomware, where your data is locked away until you pay a ransom fee.

And phishing, where criminals pretend to be someone else, to get you to click on a bad link. This is how they get access … Read the rest

Security Awareness
Windows Tutorials

How to Change Your Computers IP Address From the Command Prompt

In this tutorial you will be shown how to change your computers IP address from the command prompt. If you are using third party remote software that has remote CMD access changing the IP Address without interrupting a client while they are working on their computer does come handy.

 

 

Lets start by finding out what our network adapter name is.

Before we can change the IP address we need to find the full name of the network for the interface. To do this, type the following command:

netsh interface ipv4 show config

In my case I will be changing the static IP address for network interface named “Ethernet”.

 

Change Your IP Address, Subnet Mask, and Default Gateway

In this step we will be changing our IP address subnet mask and default gateway. To do this, you’ll issue a command using the following syntax:

netsh interface ipv4 set address name="Ethernet" static
Read the rest
Tutorials

Why Data Privacy Matters

Data privacy refers to the handling of personal data. When it comes to their personal information, people have very specific rights. We need customer and employee personal data to run our business successfully. We are trusted to look after this essential information. Mishandled data can have serious repercussions for us, our colleagues and our customers. Each and every employee has a responsibility to understand how to handle and protect personal data.

The Privacy Principles

COMPLIANCE WITH THE LAW AND ACCOUNTABILITY:

means we are responsible for, and are able to show compliance with the law.

FAIR AND LAWFUL PROCESSING:

means we must only collect and use personal information that is relevant.

SHARING OF PERSONAL INFORMATION:

Unless we obtain consent for sharing, we are not allowed to share the personal information with any 3rd party.

TRANSFER PERSONAL INFORMATION ACROSS BORDERS:

means we have to follow legal requirements which may include notification of

Read the rest
Security Awareness

Employee Guide To Spot Phishing Emails Crossword

Being able to spot phishing emails is important and If you’re wondering why phishing is still a thing, it’s because you and your friends keep falling for it. So stop it. Stop it now. 

 

Email is the largest platform for executing phishing scams, and criminals are getting better at using it effectively. Step 1 for not falling for the next phishing email you receive is understanding what phishing is, how it works and how to recognize it when you see it. 

Click on the link to read Employee Guide To Spot Phishing Emails it will also help you with this Crossword Puzzle.

 

Vertical

1. Don’t click on _____ links.
2. Think before you _____
3. Hackers want your _____ information
5. _____ is a social engineering attack.
6. Over 280 billion _____ are sent each day.
8. _____ phishing are targeted attacks to individuals.
 

Horizontal

4. Always remain _____ of
Read the rest
Puzzles

Who is tracking you?

We have no idea who is tracking us out there on the internet and there is no shame in saying it, we have become complacent when it comes to sharing our content in all this online technology. But you should also know that technology and cyber criminals go hand in hand as they too will get smarter with their tracking abilities and this could potentially put you and your identity at risk. 

 

The spies of the future!

Have you ever noticed that if you happen to have searched a particular topic online, you start seeing adverts on this topic more frequently as you browse? This is no coincidence, whether you like it or not, your internet activities are being monitored every time you are online. When you are online, advertisers and various programs can track you by using your browser activities.

 

What information do they collect?

Purchases, Clicks & Site

Read the rest
Security Awareness

Phishing Attack Exposes 447,000 Florida Patients

Phishing Attack Exposes 447,000 Florida Patients. Orlando Family Physicians, LLC began notifying 447,426 patients that it was the victim of a phishing attack on its employee email accounts.

Six things to know:

  1. On April 15, an unauthorized party accessed the email account of an employee by obtaining their user ID and password through a phishing email, according to a July 20 news release. 

  2. After the attack, the physician practice launched an investigation and found that three other employee email accounts had been breached. Within 24 hours, unauthorized access to each of the four email accounts was terminated, according to the news release.

  3. On May 21, the investigation determined that patient data in the email accounts may have been exposed. On July 9, the patients, prospective patients, employees and other people who had data in the email accounts were identified.

  4. Exposed data may include names, health insurance information, Social Security
Read the rest
Data Breach

Do you bring your own device to work?

Bringing your own devices such as your personal smart phone, tablet or laptop to the work place could make you a target for cybercriminals. When used for work, your personal devices contain sensitive information, provide a gateway to the corporate network or could be used as carriers to distribute malware.

 

While bringing your own device has its advantages, it will most probably not be fully protected to the same degree as
your corporate device is. You are ultimately responsible for ensuring that your device is protected.

 

HERE ARE A FEW TIPS TO HELP YOU PROTECT YOUR DEVICES:

  • Be Aware of Policy – don’t use your own devices for work before understanding the applicable policy.
  • Your Strong PIN Code – your strong pin or pass-code will lock attackers out.
  • Operating Systems – on all devices, phones, tables, etc. should be the latest version. Install apps from official app stores only and
Read the rest
Security Awareness

Available On Amazon

Polls

What Content Do You Want To See?

View Results

Loading ... Loading ...

Categories

Archives

Subscribe Today

Want to know when new posts are published? Enter your email & click on that subscribe button.

Stay Informed

Receive instant notifications when new content is released.