Help your users spot Covid-19 phishing emails
As the Covid-19 pandemic rises scammers are now using the fear of the public to capitalize by using a method of email phishing to steal money and data.
World Health Organisation Advice
There has been a growing confusion around the next steps to take, scammers can slip through the cracks. Health advice emails, advising people to sign up to doctor and fake links to “safety tips”.
Some emails are even claiming to have found a cure for the virus! As of yet, (13th March 2020) there is no vaccine so these emails should be deleted immediately.
To verify that an email is legitimate contact the World Health Organisation directly, and flag the phishing email as fraud if it is so to help others avoid making the mistake of giving these scammers their details.
The World Health Organisation has recommended to check the original email address to make sure it … Read the rest
Unpatched Systems Are Still A Major Attack Vector
Unpatched systems are still a major attack vector for hackers. These unpatched systems can invite major troubles for an organization. The issue can turn worse when the organization falls victim to a data breach and compromises confidential data.
Time and time again it was found that the same vulnerabilities kept being the top vector for exploitation via phishing attacks which the payload targeted specific flaws in the Microsoft product line.
Top flaws
Some flaws that have been actively used to launch attacks are:
- CVE-2016-0189 – Memory corruption flaw in Microsoft’s Internet Explorer
- CVE-2017-8570 – Remote code execution flaw in Microsoft Office
- CVE-2017-0143 – Affects SMBv1 protocol
- CVE – 2018-11776 -Remote code execution Apache Struts
- CVE-2017-11882 – Remote code execution Microsoft Office
- CVE-2009-3129 – Remote code execution in Microsoft Excel/Word
- CVE-2017-11774 – Security Feature Bypass vulnerability in Microsoft Outlook
Bottom line
It is no surprise that
Apps In Google Play Store Found With Haken Malware
The Haken malware obtains sensitive data from victims and secretly signs them up for expensive premium subscription services.
The eight apps that were found have since been removed. Users have collectively been downloaded 50,000 times. These apps were utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised, but in the background covertly perform an array of malicious functions.
“Haken has shown clicking capabilities while staying under the radar of Google Play,” said researchers from Check Point Research. “Even with a relatively low download count of 50,000+, this campaign has shown the ability that malicious actors have to generate revenue from fraudulent advertising campaigns.”
Google Play store has been battered with new variants of malware try and stay clear of random free apps that are unknown.
… Read the rest
Kaseya Script To Run Patch My PC
Kaseya does an okay job to deploy software patches but we we decided it was best to create a Kaseya Script To Run Patch My PC.
This simple script grabs the latest Patch My PC from the developers website and places it into the kworking folder on the users workstation or server. The software has a string parameter to run as the System User to scan the entire system for installed apps and afterwards it will install the latest software Patch silently.
To automatically deploy this script on a scheduled basis, within Kaseya we used Policy Management and configured a new Scheduled policy to run this Patch my PC script every week.
Below you can see the Kaseya Script to run the Patch My PC. I also provided the download link for it.
<?xml version="1.0" encoding="utf-8"?> <ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting"> <Procedure name="Patch My PC" treePres="3" id="136611930" folderId="980255113206922" treeFullPath="myProcedures - [email protected]
Google Chrome Patch Gap down to 15 Days from 33 Days
Google has done a great job bringing the patch gap down to 15 days from 33 days. They also want to bring this number down further to once a week. Their goal is to quickly roll out patches for vulnerabilities.
In 2019, security researchers from Exodus Intelligence have noted that on two occasions Google Chrome’s large patch gap can be exploited by attackers.
First in April, and then in September, Exodus researchers developed a proof-of-concept exploit code for security bugs fixed in the V8 JavaScript engine that had yet to make their way downstream into the Chrome code base.
GOOGLE Chrome is doing something about it.
Google Chrome users have some good news and the Exodus team’s research on the topic and subsequent warnings did not go noticed by Google Chrome Security team.
In Google Chrome’s recently published quarterly security summary for Q4 2019, the Google engineers said … Read the rest
How to install VMware tools on CentOS 7
VMware Tools is one of important components for virtual machine (VM) in order get excellent performance. It is a group of utilities that help to enhances the overall performance of the virtual machine’s guest operating system (OS) and improves management of the VM. Below steps shows how to install the VMware Tools on CentOS 7
How to Install VMware Tools ?
open-vm-tools is an open source implementation of VMware Tools from third parties and contains utilities that enhances virtualization management, administration and functions of the virtual machine in VMware environments.
root# yum install open-vm-tools
Without the VMware Tools, guest OS performance will lacks some of the important functionality.
- PowerShell Script to Force Uninstall Umbrella Roaming Client
- How to Install Moodle on a Ubuntu 24.04 VPS with a Scripted Guide
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to
Your Not HIPAA Compliant Using Windows Server 2008
If your using Windows Server 2008 or older on your network it makes you none HIPAA Compliant and should be ashamed for putting your clients and patient information at risk.
What Windows Server 2008 “END OF LIFE” and HIPAA mean for you?
What you need to worry about is that Windows Server 2008 will no longer receive windows security updates for vulnerabilities and this in itself is a breach in HIPAA compliance. This also means that Microsoft will no longer offer technical support for any issues, software updates, and security updates or fixes.
One of the main reasons why Your Not HIPAA Compliant Using Windows Server 2008 is because of the lack of security updates and fixes. This puts all information stored on Windows Server 2008, including confidential client information, will be at risk. Hackers and external security threats will know about this stop date, and as such will … Read the rest
Your Not HIPAA Compliant Using Windows 7
If your using Windows 7 or older on your network you are not HIPAA Compliant and should be ashamed for putting your clients and patient information at risk.
What WINDOWS 7 “END OF LIFE” and HIPAA mean for you?
What you need to worry about is that Windows 7 will no longer receive windows security updates for vulnerabilities and this in itself is a breach in HIPAA compliance. This also means that Microsoft will no longer offer technical support for any issues, software updates, and security updates or fixes.
One of the main reasons why Your Not HIPAA Compliant Using Windows 7 is because of the lack of security updates and fixes. This puts all information stored on Windows 7, including confidential client information, will be at risk. Hackers and external security threats will know about this stop date, and as such will find it easier to push through … Read the rest
Mozilla patches zero-day flaw in Firefox
Mozilla the makers of Firefox has issued a zero-day security update for Firefox and Firefox Extended Support Release, which were found to contain an actively exploited flaw in the IonMonkey JIT compiler.
What is known
“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion,” they stated in the official advisory posted by Mozilla, citing the two elements as StoreElementHole and FallibleStoreElmenet. “We are aware of targeted attacks in the wild abusing this flaw.”
Announced January 8, 2020
Impact: critical
Products: Firefox, Firefox ESRFixed in
- Firefox 72.0.1
- Firefox ESR 68.4.1
Designated CVE-2019-17026, the zero-day bug was reported by researchers at Qihoo 360 ATA. The problem has been fixed with the latest release of Firefox 72.0.1 and Firefox ESR 68.4.1
No other details have been provided by firefox. Click here to Download Latest Firefox Software to patch the zero-day flaw.
… Read the rest
Zynga.com maker of Words with Friends data is on the Dark Web
Zynga.com, maker of Words with Friends suffered a data breach in December that included 228m records and that data has recently surfaced on the Dark Web.
In the past you may have signed up for Words with Friends and other zynga.com created games and provided the information to a service that is in some way associated with zynga.com. It may be difficult for you to remember, or you simply may not know other services are associated with zynga.com. What is important to know is that information belonging to all these users are now being shared improperly on the dark web.
Even though you may have stopped using zynga.com (games Words with Friends and Draw Something), or perhaps deactivated the account, or maybe unsubscribed, the information could still be available in their systems.
Exposed Information
- Username
- Password
- Facebook Username/ID
What can you do next?
Being proactive with best practices and … Read the rest
Loading ...