Category Archives: Cybersecurity
Ensure Your Cybersecurity While You Travel With NordVPN
Cyber security is no longer just about protecting your computer, website or network. Over the last decade, the borders between cyberspace and travelling have been eliminated. As a result, it’s become a necessity to make sure you’re protected wherever you go – especially if you’re travelling abroad
Free WiFi is a hacker’s dream! A skilled hacker can get all the information from your computer or device by intercepting your connection, since you wrongly assumed it was free. This is why it is important to use a VPN while traveling.
What is a VPN?
A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely. VPN technology is widely used in corporate environments.
NordVPN is
Microsoft Office 0-day Vulnerability
On Tuesday, Microsoft revealed an alarming vulnerability in Internet Explorer, a bug that is being used to harm Windows users. The attack is enabled by a weaponized Office file and works like this: A victim receives an email with a link to a Word document inside. It is very important that you do not click on the link; instead, you should open the document directly.
The critical vulnerability has been found in Microsoft’s proprietary web rendering engine. The flaw, tracked as CVE-2021-40444, allows attackers to remotely execute code on a vulnerable system. The engine is used to render web content inside Word, Excel, and PowerPoint documents.
… Read the restThey have said. “Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,”.
They also added: “An attacker could
CISA & FBI Releases Ransomware Awareness for Holidays and Weekends
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned of a rise in holiday and weekend related ransomware attacks. The reason: They can catch businesses by surprise and cause major damage. holiday ransomware awareness report.
The report stated: “The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months,”
WhatsApp Photo Filter Security Flaw
Users should be careful about the pictures they view on WhatsApp. If a user receives a picture from a malicious third party, the picture could be edited in such a way that the app could read sensitive data from the memory of the app. In addition, users should update their apps to get the latest security fixes.
WhatsAppAccording to security research firm Check Point, a vulnerability has been found in WhatsApp. The issue causes the app to crash when a user receives certain images. These images are crafted to take advantage of visual effects such as color changes, saturation adjustments, and other alterations.
The bug (CVE-2020-1910) carries a severity rating of 7.8 out of 10. It’s due to a memory corruption error, the firm said – and more specifically, an out-of-bounds read-and-write issue. Typically, this kind of bug can allow attackers to read sensitive information from other … Read the rest
Understanding Hacker Motives
Not all cases are clear-cut. Even when you know how something happened, there’s usually more than one way to interpret the events. Cyber crime is a good example. Investigators often spend a lot of time trying to understand why the crime occurred in the first place. They ask questions like “why did the perpetrator do it?” And “what was their motive?” Even when you can’t answer these questions, trying to understand the why is still useful.
Personal Identifiable Information
Known simply as PII, this data includes a long list of items that can specifically identify an individual, such as full names, home addresses, and national ID numbers (to name just
The Tiers of HIPAA violations
If you violate HIPAA, you will be fined. The penalty fee is determined by how serious the violation is. However, most cases are solved with a technical guidance from the OCR or agreeing to change your policy and procedures to prevent future violations. Financial penalties for HIPAA violations are reserved for the most serious violations of HIPAA Rules.
What Happens if you Violate HIPAA? – HIPAA Violation Classifications
What happens if you break HIPAA? Well, that depends. The Office for Civil Rights prefers to resolve violations using non-punitive measures, such as with voluntary compliance or issuing technical guidance to help covered entities address areas of non-compliance. But more serious violations may result in corrective action, such as termination of your business or even criminal charges.
The four categories used for the penalty structure are as follows:
- Tier 1: A violation that the covered entity was unaware of and could not
Keep Your Home Office Safe And Secure
I am sure we can all say that working from home is great but it poses a whole new set of cyber security challenges and without the convenience of in-house technical support, it can be a problem it’s not like a corporate tech will just go to your house. Here are a few cyber security housekeeping steps to consider to ensure your new office is safe and secure.
Many vendors provide you with a router or if you purchase them in the store make sure to follow these 5 steps.
Log in to your router to access its settings, if you’re unsure how to log in, look at your routers make and model and then you can use that to search the internet for articles or YouTube for videos.
Change the SSID (Service Set Identifier). The SSID is the name of your wireless network. Use WPA instead of WEP Wifi
FBI says that hackers are hijacking online food and agriculture accounts
The FBI has a warning for companies in the food and agriculture industries: Hackers are using the tactic known as credential stuffing to hijack your online accounts and drain your cash. The FBI’s Cyber Division recently sent a Private Industry Notification to businesses in these sectors, warning them that hackers have been targeting accounts at grocery stores, restaurants, and food-delivery services.
In the agency’s report, it said that cybercriminals are using stolen passwords at one company to log into another company’s account. They do this hoping that customers had used the same password for both accounts. Cybercriminals usually use automated tools and proxy botnets to attack multiple companies, including grocery and food delivery services.
The FBI warned that companies can be unaware of account compromises until customers complain that their accounts have been compromised. For example, a customer might notice suspicious activities on their accounts such as food orders for … Read the rest
Fortinet Vulnerability Allows Firewall Takeovers
A critical security bug in a web application firewall (WAF) platform has been disclosed. It could allow privilege escalation and full device takeover. The bug, in the FortiWeb platform, is found in a WAF OS command-injection vulnerability. A patch will be available at the end of the month.
FortiWeb is a cybersecurity defense platform that protects business-critical web applications from attacks and vulnerabilities in the new world of cloud computing. It’s always been able to keep up with new technologies, such as the deployment of new or updated features, or the addition of new web APIs.
The bug (CVE pending) exists in FortiWeb’s management interface (version 6.3.11 and prior), and carries a CVSSv3 base score of 8.7 out of 10, making it high-severity. It can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page, according to Rapid7 researcher William Vu who … Read the rest
How To Create Strong Passwords
Passwords represent one of the most important and most misused forms of security. I say these passwords are misused because even in a world where everyone is concerned about cyber security and getting hacked, people still create weak, easy-to-crack passwords. Below are some common concepts to consider when creating passwords.
Password Length
The longer a password is, the harder it is to crack. Many security professionals recommend 16 unrepeated characters.
Symbols Numbers, and Letters
While it’s true that complex passwords are difficult to guess, they’re also difficult to remember. Avoid complicating your passwords with random characters unless required.
Password Managers
A password manager can generate, save, and sync passwords across multiple devices. It’s a handy application that removes the hassle of having to remember all of your login credentials, and prevents bad habits like writing passwords down a or storing them in unsecure documents.
Changing Passwords
While tedious, it’s smart
Loading ...