Identity Thieves Pushing New Chase Phishing Scams
Identity thieves continually develop new ways to obtain your personal information. I personally have gotten the latest Phishing email scam these thieves are using. Looks like these Hackers didnt stop at just hacking Chase but now also taking advantage of the Chase breach to do more harm to people. This email is not legitimate. If you get any emails like these, don’t respond to them.
Some common tip-offs that an email is phony are typos, grammatical mistakes, awkward language, missing words, extra spaces, and other signs that the email was written unprofessionally. Such emails might also ask you to look at an attachment or click a link and then give your personal information on a Web page or in a form. Or the sender’s email address might look suspicious. If you hover over the links you can even see that it would not direct you to legit URL. Here Are … Read the rest
Millions of Qualcomm based Android Smartphones Vulnerable
Security researchers from Tencent’s Blade Team released a notice that the Qualcomm chipset exposes millions of android smartphones to hackers.
Any user with a tablet or phone that uses this cpu is effected by the flaw called QualPwn. The bug allows attackers to take control of the phones remotely by crafting special packets that are sent over the air.
Three bugs make up QualPwn (CVE-2019-10539, CVE-2019-10540 and CVE-2019-10538). The prerequisite for the attack is that both the attacker and targeted Android device must be active on the same shared Wi-Fi network.
“One of the vulnerabilities allows attackers to compromise the WLAN and modem, over-the-air. The other allows attackers to compromise the Android kernel from the WLAN chip. The full exploit chain allows attackers to compromise the Android kernel over-the-air in some circumstances,” wrote researchers.
… Read the restBlade.tencent.com stated “QualPwn is a series of vulnerabilities discovered in Qualcomm chips. One of the
Windows Actively Exploited Privilege-Escalation Bugs
The software giant recently released important-level patches for two of the privilege-escalation vulnerabilities in Win32k and splwow64, which are being actively exploited in the wild. Qualys said that the patches, though labeled as important, should be quickly deployed as they could be chained with other vulnerabilities to provide the hacker with complete system access. In other words, once they have elevated their privilege level, attackers could exploit another vulnerability to allow them to execute code like ransomware.
The Win32 flaw (CVE-2019-1132) affects Windows 7, Server 2008 and Server 2008 R2.
“While an attacker would have to gain log on access to the system to execute the exploit, the vulnerability if exploited would allow the attacker to take full control of the system,” said Chris Goettl, director of product management for security at Ivanti, via email.
Meanwhile, the bug in splwow64 (CVE-2019-0880), which is the print driver … Read the rest
Mac Users Affected by Zero-Day Webcam Hijacking
The Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 4 million workers that use the Zoom for Mac web-and videoconferencing service.
According to a researcher Jonathan Leitschuh (he noted that Mac users make up about 10 percent of Zoom’s customer base of 4+ million). An outside adversary would need only to convince a user to visit a malicious website with a specially crafted iFrame embedded, which would automatically launch a Mac user into a Zoom web conference while turning on their camera.
… Read the restLeitschuh disclosed “I was very easily able to spot and describe bypasses in their planned fix,” he said. “Ultimately, Zoom failed at quickly confirming that the reported vulnerability actually existed and they failed at having a fix to the issue delivered to customers in a timely manner. An organization of this profile and with such
Dell SupportAssist Software Is Vulnerable To Remote Hacker
Millions of Dell PCs that have the SupportAssist software installed are vulnerable to a remote hacker to completely taking over your computer.
The high-severity vulnerability (CVE-2019-12280) is defective coding in a component in SupportAssist. This software is Dell’s monitoring software which is pre-installed on all PCs. The software can automatic detect failure and notify you of issues. The Dell SupportAssit component is made by a company called PC-Doctor, which develops hardware-diagnostic software for many other brands.
“As long as the software is not patched, this vulnerability probably affects many Dell users,” Peleg Hadar, security researcher with SafeBreach Labs – who discovered the breach – said in a Friday analysis.
… Read the rest“Our first priority is product security and helping our customers ensure the security of their data and systems,” the spokesperson said. “The vulnerability discovered by SafeBreach is a PC Doctor vulnerability, a third-party component that ships with Dell SupportAssist for
Linux servers under worm attacks via latest Exim flaw
It didn’t take very long for Hackers to start exploiting this flaw, the recently revealed Exim vulnerability (CVE-2019-10149).
An initial wave of attacks on this vulnerability – which involved attackers pushing out exploits from a malicious command-and-control (C2) server – was first discovered June 9 by researcher Freddie Leeman.
“Just detected the first attempts to exploit recent #exim remote command execution (RCE) security flaw (CVE-2019-10149),” he said in a tweet. “Tries to downloads a script located at http://173.212.214.137/s (careful). If you run Exim, make sure it’s up-to-date.”
… Read the restAmit Serper, Cybereason’s head of security research, “The campaign uses a private authentication key that is installed on the target machine
SSD 2.5 to 3.5 Passive Heat dissipation Hard Drive Adapter
2.5 to 3.5 Hard Drive Adapter: Turns your 2.5in SATA HDD / SSD into 3.5in so you can install it into your desktop PC for Passive Heat Cooling- High Speed, Excellent Performance: SATA III supports a theoretical maximum speed of 6Gbps, also backward compatible with SATA I/II
- Good Heat Dissipation: The side slots and open design greatly improves heat dissipation and protects your hard drive
- Superb Quality: Made of ABS plastic material; compatible with Windows, Mac OS, Linux Desktops; Hot-swap plug and play, no driver needed
- Screws in box: 4 x M3*5 screws to install the 2.5″ hard drive, and 6 x screws to mount the 1125SS
State-of-the-art Craftsmanship Brings Superb Quality
Made of fireproof, shockproof ABS material. Delicate, cutting-edge craftsmanship makes it perfectly fit for 3.5″ bays.
Maximized Speed of SATA 3.0
Built with SATA III standard, providing a maximum data transfer speed of 6Gbps.
Backward compatible with
Point-Of-Sale Malware Found at 102 Checkers Restaurants
Checkers Restaurants suffered a cyber security breach according to a report by ZD Net, the company found Point-Of-Sale malware in 102 Checkers and Rally’s locations.
The Checkers released statement emphasizes that “not all Checkers and Rally’s restaurants were affected by this issue.” The business also announced that the Point-Of-Sale malware did not affect all the guests who visited the restaurant chain. To clarify, only those who paid during the said periods remain susceptible to security attacks.
The list of affected states includes Alabama, California, Delaware, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Michigan, and West Virginia. The list also includes the following states as well. Nevada, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Tennessee, and Virginia.
… Read the rest“We also are working with federal law enforcement authorities and coordinating with the payment card companies in their efforts to protect cardholders,” Checkers said. “We encourage you to review your account statements and contact
File Server Migration While Keeping OLD and NEW HostName
Here is a complete guide on how to migrate Windows File Server 2008 or 2012 and 2016 while keeping the OLD and New HostName destinations on the new server.
Step 1 : Stand up your new file server, mine is called FS2.
Step 2 : Make sure to keep the same folder structure if possible as you see in your old server, in my case it is called FS1.
Step 3 : I like to use software called SyncFolders , it can be used to transfer all your files with NTFS permissions from Source (FS1) to Detestation (FS2)
Step 4 : In my case I configured the SyncFolders Software to Point my FS1 D:\ drive TO \\FS2\D$ or you can just share the D drive from FS2. You can also schedule this software to run hourly or nightly it will sync the files recently changed.
Step 5: Go to old … Read the rest
Since 2005 some Google G Suite passwords were stored in plaintext
Google says that there were a number of its enterprise customers since 2005 have had their Google G Suite passwords stored in plaintext.
G Suite, Google’s brand of cloud computing, software, productivity and collaboration tools has more than 5 million users as of February. Google said that it recently discovered the passwords for a “subset of enterprise G Suite customers” stored in plain text since 2005.
“This practice did not live up to our standards,” Suzanne Frey, VP of engineering for Google Cloud Trust, said in a post. “To be clear, these passwords remained in our secure encrypted infrastructure. This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.”
Google said they also discovered a second security lapse earlier this month as they were troubleshooting new G Suite customer sign-ups. The company said since January it was … Read the rest
Loading ...