Counter-Strike 1.6 servers used to push malware
Just about 39% of all Counter-Strike 1.6 servers were being used to push malware to end users. It’s amazing that still to this day counter-strike 1.6 is still being play after 20 years. The game still has many players and there is a high demand for hosting providers to provide players to rent game servers.
Dr. Web, researchers explained that the developers are using the game clients vulnerabilities to push the Belonard Trojan botnet by deploying malicious servers to promote the game servers and enlist more victims to the botnet. At its peak, this botnet grew so large that approximately 39% of the 5,000 Counter-Strike 1.6 servers were compromised and looking to infect more connected players.
… Read the rest“Using this pattern, the developer of the Trojan managed to create a botnet that makes up a considerable part of the CS 1.6 game servers,” stated the research by Dr. Web. “According to our
HIPAA Violation Examples And Fines
Not keeping up with HIPAA regulations can be quite costly for any physician’s office or entity that needs to adhere to compliance. HIPAA Violation fines range from $100 to over $4 Million. Staying compliant is not an easy task, regulations are always changing and you are required be up to date about every change. I have written below a few basic examples and how to avoid them.
What is this so called HIPAA Violation?
A HIPAA violation happens when there is some sort of Breach, acquisition, access or a disclosure of Protected health Information which is known as (PHI) that can result in personal risk of the patients.
Everyone that works with PHI should be compliant:
-
Health Plans
-
Health care clearing houses
-
Health care providers who transmit claims in electronic form
-
Medicare prescription drug card sponsors
-
Any Business Associate, Entity or Individual that has access to any type of PHI.
The 2019 Threat Report
The new norm with cybersecurity is discovering new attack methods and new threats which emerge daily and new vectors that are being tested by cyber criminals, according to the 2019 Webroot Threat Report.
According to the Webroot Threat Report:
- 40 percent of malicious malware were found on good domains. , “Since legitimate websites are frequently compromised to host malicious content. Those who use intermediary devices without SSL inspection capabilities should be aware of potential loopholes in their security policies due to this behavior.”
- Home users are more than twice as likely be infected.
Home users are not immune; their routers serve as the hub for networks and smart home devices (IoT), yet most users can’t log into their Linux-based routers to see what they are doing. Meanwhile a hacker can learn everything about a user’s environment, can redirect URLs, carry out man-in-the-middle attacks, and even inject cryptojacking scripts.
Ubiquiti Unifi USG-PRO-4 Security Appliance
The Ubiquiti UniFi Security Gateway Pro (USG-PRO-4)is a is an enterprise Gateway Router with Gigabit Ethernet and two combination SFP/RJ45 ports, combining reliable security features with high-performance routing technology in a cost-effective unit.
The USG-PRO-4 is rack-mountable with fiber connectivity options and a dual-core, 1 GHz processor for maximum hardware‑accelerated performance.
  |
Ubiquiti UniFi Security Gateway Pro Key Features
|
The Ubiquiti UniFi Security Gateway Pro offers two optional SFP ports for fiber connectivity to support backhaul applications.
Powerful Firewall PerformanceThe Ubiquiti UniFi Security Gateway Pro offers advanced firewall policies to protect your network and its data.
Convenient VLAN SupportThe Ubiquiti UniFi Security Gateway Pro can create virtual network segments for
Cisco SOHO VPN Firewalls Vulnerable To Remote Code Execution
Recently Cisco has released several security software updates for the Cisco RV wireless VPN firewalls and routers to plug up a remote code execution flaw (CVE-2019-1663) that can be exploited by malicious HTTP requests
- RV110W Wireless-N VPN Firewall
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
“The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”
Cisco did not mention if there was any available public code in the wild to be used to exploit the vulnerability.
The flaw is quite … Read the rest
What is HIPAA used for?
Most of us already know the basic of HIPAA and what the acronym is which is; Health Insurance Portability and Accountability Act and it was passed by Congress in 1996. Now we can move onto the real question which is, what is HIPAA used for?
- Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
- Reduces health care fraud and abuse;
- Mandates industry-wide standards for health care information on electronic billing and other processes; and
- Requires the protection and confidential handling of protected health information
HIPAA is organized into separate “Titles.” For information on the HIPAA Titles read below
Title I: Heath Care Access, Portability and Renewability
HIPAA Title I of the Health Insurance Portability and Accountability Act of 1996 protects health insurance coverage for workers and their families when they change or lose their … Read the rest
New Phishing Trick That Can Bypass Email URL Filters
There is a new Phishing trick that hackers have come up with, this trick is to make Office documents carrying malicious links undetectable by many email security services. They go about deleting the links from the document’s relationship file (xml.rels). This phishing trick has been seen by security professionals during email spam campaigns, these URL’s direct victims to a credential harvesting login page.
How does it work?
What makes up an office document? “Office documents (.docx, .xlsx, .pptx) are made up of a number of XML files that include all the font, image, formatting, and object information which make up the document,” Avanan researchers explain.
These xml.rels file maps the relationships within these doc files and with resources outside of the them. When the document includes web links, they are added to the xml.rels files.
How does your spam filter or antivirus goes about … Read the rest
UniFi Video Surveillance System Is The Best
UNIFI VIDEO PLATFORM
UniFi delivers scale-able enterprise grade video surveillance with disruptive pricing, plug-and-play installation, and powerful easy to use and configure remote viewing software that can be access by your computer, tablet or phone.
Unifi Video Surveillance Equipment
   |
Ubiquiti Networks UniFi Cloud Key G2
|
Free PC Patch Manager
Patch My PC Updater Overview
Patch My PC Updater is a free, easy-to-use program that keeps over 300 apps up to date on your computer. This software not only checks for out of date software it can also install the software automatically for you.
To stay safe online you have to keep your third party software updated and patched at all times. There are many attack surfaces out there and exploiting known third party software is what hackers love to do. Outdated software often contains security vulnerability’s, bugs, and performance issues that are often resolved in the latest version. These are some of the reasons why it’s essential to keep your software updated.
How will it work?
Once you download the software from here and when you open Patch My PC Updater, it will scan your system for outdated programs.
- Programs that are outdated will be shown in – Red
Users Affected by 19 Year Old WinRAR Flaw
WinRAR urges to update one of the worlds most popular compression software that had a flaw that 500 Million users in the past 19 years have been affected by and they finally released a patch for this flaw.
What is the vulnerability?
The UNACEv2.DLL vulnerability was discovered security researchers from Check Point Software and they noted that this impacts all WinRAR versions released in the last 19 years. The UNACEv2.DLL vulnerability allows a hacker to deliver a compromised compressed file to a user and once the user unzips the file it allows the execution of malware into the windows startup of a computer.
WinRAR has released WinRAR 5.70 Beta 2 which will address this vulnerability –tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers.
- Barracuda urges customers to replace Email Security Gateway
- Zero-day vulnerability in the MOVEit file transfer application
- Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions
Loading ...