The 2019 Threat Report
The new norm with cybersecurity is discovering new attack methods and new threats which emerge daily and new vectors that are being tested by cyber criminals, according to the 2019 Webroot Threat Report.
According to the Webroot Threat Report:
- 40 percent of malicious malware were found on good domains. , “Since legitimate websites are frequently compromised to host malicious content. Those who use intermediary devices without SSL inspection capabilities should be aware of potential loopholes in their security policies due to this behavior.”
- Home users are more than twice as likely be infected.
Home users are not immune; their routers serve as the hub for networks and smart home devices (IoT), yet most users can’t log into their Linux-based routers to see what they are doing. Meanwhile a hacker can learn everything about a user’s environment, can redirect URLs, carry out man-in-the-middle attacks, and even inject cryptojacking scripts.
Ubiquiti Unifi USG-PRO-4 Security Appliance
The Ubiquiti UniFi Security Gateway Pro (USG-PRO-4)is a is an enterprise Gateway Router with Gigabit Ethernet and two combination SFP/RJ45 ports, combining reliable security features with high-performance routing technology in a cost-effective unit.
The USG-PRO-4 is rack-mountable with fiber connectivity options and a dual-core, 1 GHz processor for maximum hardware‑accelerated performance.
  |
Ubiquiti UniFi Security Gateway Pro Key Features
|
The Ubiquiti UniFi Security Gateway Pro offers two optional SFP ports for fiber connectivity to support backhaul applications.
Powerful Firewall PerformanceThe Ubiquiti UniFi Security Gateway Pro offers advanced firewall policies to protect your network and its data.
Convenient VLAN SupportThe Ubiquiti UniFi Security Gateway Pro can create virtual network segments for
Cisco SOHO VPN Firewalls Vulnerable To Remote Code Execution
Recently Cisco has released several security software updates for the Cisco RV wireless VPN firewalls and routers to plug up a remote code execution flaw (CVE-2019-1663) that can be exploited by malicious HTTP requests
- RV110W Wireless-N VPN Firewall
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
“The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”
Cisco did not mention if there was any available public code in the wild to be used to exploit the vulnerability.
The flaw is quite … Read the rest
What is HIPAA used for?
Most of us already know the basic of HIPAA and what the acronym is which is; Health Insurance Portability and Accountability Act and it was passed by Congress in 1996. Now we can move onto the real question which is, what is HIPAA used for?
- Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
- Reduces health care fraud and abuse;
- Mandates industry-wide standards for health care information on electronic billing and other processes; and
- Requires the protection and confidential handling of protected health information
HIPAA is organized into separate “Titles.” For information on the HIPAA Titles read below
Title I: Heath Care Access, Portability and Renewability
HIPAA Title I of the Health Insurance Portability and Accountability Act of 1996 protects health insurance coverage for workers and their families when they change or lose their … Read the rest
New Phishing Trick That Can Bypass Email URL Filters
There is a new Phishing trick that hackers have come up with, this trick is to make Office documents carrying malicious links undetectable by many email security services. They go about deleting the links from the document’s relationship file (xml.rels). This phishing trick has been seen by security professionals during email spam campaigns, these URL’s direct victims to a credential harvesting login page.
How does it work?
What makes up an office document? “Office documents (.docx, .xlsx, .pptx) are made up of a number of XML files that include all the font, image, formatting, and object information which make up the document,” Avanan researchers explain.
These xml.rels file maps the relationships within these doc files and with resources outside of the them. When the document includes web links, they are added to the xml.rels files.
How does your spam filter or antivirus goes about … Read the rest
UniFi Video Surveillance System Is The Best
UNIFI VIDEO PLATFORM
UniFi delivers scale-able enterprise grade video surveillance with disruptive pricing, plug-and-play installation, and powerful easy to use and configure remote viewing software that can be access by your computer, tablet or phone.
Unifi Video Surveillance Equipment
   |
Ubiquiti Networks UniFi Cloud Key G2
|
Free PC Patch Manager
Patch My PC Updater Overview
Patch My PC Updater is a free, easy-to-use program that keeps over 300 apps up to date on your computer. This software not only checks for out of date software it can also install the software automatically for you.
To stay safe online you have to keep your third party software updated and patched at all times. There are many attack surfaces out there and exploiting known third party software is what hackers love to do. Outdated software often contains security vulnerability’s, bugs, and performance issues that are often resolved in the latest version. These are some of the reasons why it’s essential to keep your software updated.
How will it work?
Once you download the software from here and when you open Patch My PC Updater, it will scan your system for outdated programs.
- Programs that are outdated will be shown in – Red
Users Affected by 19 Year Old WinRAR Flaw
WinRAR urges to update one of the worlds most popular compression software that had a flaw that 500 Million users in the past 19 years have been affected by and they finally released a patch for this flaw.
What is the vulnerability?
The UNACEv2.DLL vulnerability was discovered security researchers from Check Point Software and they noted that this impacts all WinRAR versions released in the last 19 years. The UNACEv2.DLL vulnerability allows a hacker to deliver a compromised compressed file to a user and once the user unzips the file it allows the execution of malware into the windows startup of a computer.
WinRAR has released WinRAR 5.70 Beta 2 which will address this vulnerability –tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers.
- Barracuda urges customers to replace Email Security Gateway
- Zero-day vulnerability in the MOVEit file transfer application
- Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions
Data Breach At UW Medicine
The data breach at SEATTLE’s UW Medicine exposed around 974,000 patient records. The files that web public did not contain anything too revealing, no medical or financial information or Social Security Numbers were available to be read. The content that was exposed were names, medical record numbers and descriptions.
How did this happen? A public facing server that hosts their websites had a vulnerability that caused the internal files to have the ability to be searched on the internet. Good news is, corrective actions have been made and files are no longer available.
… Read the rest“UW Medicine became aware of a vulnerability on a website server that made protected internal files available and visible by search on the internet on Dec. 4, 2018,” spokeswoman Susan Gregg said in a statement. “The files contained protected health information (PHI) about reporting that UW Medicine is legally required to track, such as reporting to various
Have I Been Compromised Online?
So, your clicking around on the internet and come across news of compromised companies and now your wondering have I been compromised online? Are my usernames and passwords available online? Unfortunately, the answer to your question is your information is probably in the dark web up for grabs for anyone to take.
Data breaches have become quite common and there isn’t anything you can do about other companies security and how they practice their cyber security protections. It is astonishing how many websites are hacked every day, if your registered on any given website your taking a gamble.
Web Hosting/Website Statistics and Facts 2019 from hostingfacts.com
- As at December 2018, there are approximately 1.94 billion websites in the world.
- The world’s first website was published on August 6, 1991 by British physicist Tim Berners-Lee.
- 8 percent of all Internet traffic comes from bots, while only 48.2 percent of internet traffic
Loading ...