Category Archives: Cybersecurity
Why Cybersecurity Matters For Your Small Business
Cybersecurity is a crucial element for continued success in any industry. What I am sharing with you today are reasons why cybersecurity matters for your small business.
To succeed in today’s technical ecosystem, cybersecurity must be part of your small to medium-sized business operations. In the same way that you’d never leave your store or office unlocked and vulnerable to street crime, you should never leave any aspect of your business network unprotected. Many other managed service providers and I can provide a fully up-to-date understanding of cybersecurity: how to help you mitigate the risks and build cyber-resilience.
Why Cybersecurity Matters
Hackers and cybercriminals are getting more sophisticated each year, devising new, creative ways to fool people into handing over money or data. In some instances, they can target your systems without interacting with anyone at the company. There are many cyber security professionals but what really … Read the rest
A macOS 0-day vulnerability let hackers take screenshots
A macOS 0-day vulnerability lets hackers take screenshots of your screen. Hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permissions from any users. However, this attack is finally getting patched with the latest macOS 11.4 update released on May 24th, 2021. If you haven’t already, update your machine today.
The zero-day was exploited by XCSSET, malware discovered by security firm Trend Micro. XCSSET used what at the time were two zero-days aimed at developers, specifically their Xcode projects, which then got passed on to regular users.
No one really knows how many Macs are infected, but in a statement from TechCrunch, Apple confirmed that the exploit is no longer an issue after updating to the latest version, the macOS Big Sur 11.4 update.
… Read the rest
VMware vCenter VMSA-2021-0010 Advisory
In this VMware vCenter VMSA-2021-0010 Advisory, VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986).
VMware Impacted Products?
- VMware vCenter Server (vCenter Server)
- VMware Cloud Foundation (Cloud Foundation)
Who is affected?
VMware Security Advisories always list the specific product versions that are affected. In this case it is vCenter Server 6.5, 6.7, and 7.0.
What’s Happening?
In this advisory, VMware reports multiple vulnerabilities in the vSphere Client (HTML5). If the hacker has access to port 443, they could exploit a vulnerability that would allow commands to be executed with unrestricted privileges. VMware advises you to update your servers right now!
How to protect your servers.
You can protect yourself by patching vCenter Server. This is the fastest way to resolve this problem, and it removes the vulnerability completely. From there you can update any plugins as vendors release new versions.
… Read the rest
STRRAT Malware Is At It Again
A recent post from Microsoft Security Intelligence revealed that the STRRAT malware is at it again with a new version release. The STRRAT malware is an odd duck, to say the least. It is a Java-based RAT that poses as ransomware. It changes the file names on infected devices by appending the “.crimson” extension without actually encrypting the files.
About STRRAT
The STRRAT malware is actively distributed through a phishing campaign that includes a malicious attachment. Downloading this attachment allows the malware to connect with the server and download the payload onto your computer. Once the payload is on the computer, the malware starts stealing data like passwords and installs keylogging software. It also runs remote commands and PowerShell, and executes other activities through its backdoor access. On top of it all, the malware will also start renaming files and making them … Read the rest
What Your Out Of Office Message Tells Hackers
It’s time for a vacation, or you’re going on a business trip and you’re super excited. Naturally, your out-of-office message may reveal some of this excitement to hackers. People don’t naturally think about how cybercriminals would benefit from the details of an Out Of Office (OOO) message. But this attack vector is a great social engineering opportunity.
What Can Hackers Learn From Your OOO Message?
If the company is being targeted, an OOO message will raise a flag for the cybercriminal to take action to learn more about you. Many employees share information publicly on social media, which can give attackers a picture of what you are doing. Many people provide overly detailed leave notifications in email signatures or add details about their time off in their OOO responses, even when they plan to return to work or the details of the conference they are … Read the rest
Is A Comcast Business Modem HIPAA Compliant?
I know the reason you’re here is to find out if a standalone Comcast Business Modem can be used in a medical practice and pass the HIPAA compliance security check for protecting a healthcare network. Well, first there are a few things we need to know about HIPAA and firewall requirements.
HIPAA Firewalls 101
The internet is full of viruses and malicious software actively attempting to execute exploits and gain access to computers and networks. Without proper firewalls in place, patient data will be vulnerable and accessible to bad guys.
Firewalls can provide a first line of defense. A firewall acts much like a solid brick wall around a building, complete with a gate and security guard. The security guard only allows through the specific things you have told him to.
What Would A Proper HIPAA Approved Firewall Do?
Can A Comcast Modem Reduce Risk And Impact Of Malware?
- A
Lost your iPhone? Someone can use Checkm8 and Checkra1n to jailbreak it.
If you lost your iPhone you should be worried. Someone can hack into it with free software called Checkm8 and Checkra1n to jailbreak it. Essentially they would be able to hack into your phone and bypass any security you have in place.
Why should we care about Checkm8?
The Checkm8 vulnerability works on 11 generations of iPhones, from the 4S to the X. While it doesn’t work on newer devices, Checkm8 can jailbreak hundreds of millions of devices in use today. And because the bootrom can’t be updated after the device is manufactured, Checkm8 will be able to jailbreak in perpetuity.
- Checkm8 requires physical access to the phone. It can’t be remotely executed, even if combined with other exploits
- The exploit allows only tethered jailbreaks, meaning it lacks persistence. The exploit must be run each time an iDevice boots.
- Checkm8 doesn’t bypass the protections offered by the Secure Enclave
Jetty Vulnerability using Invalid Large TLS Frame causes 100% CPU Usage
This Jetty vulnerability is to be considered as a service availability issue. When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage.
The following packages have been upgraded to a later upstream version: rh-eclipse-jetty (9.4.40).
Security Fixes:
- jetty: Symlink directory exposes webapp directory contents (CVE-2021-28163)
- jetty: Ambiguous paths can access WEB-INF (CVE-2021-28164)
- jetty: Resource exhaustion when receiving an invalid large TLS frame (CVE-2021-28165)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Type/Severity
Security Advisory: Moderate
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Developer Tools (for RHEL Workstation) 1
Let’s plant some trees with Ecosia
Ecosia is all about planting trees. 15 million users have planted over 120 million trees, for free. Just by searching the web. Ecosia donates all of its charitable contributions to tree planting charities that work to plant trees in South America, Africa and Indonesia, where the cost of planting trees is lower.
Ecosia knows each tree can remove around 50 kg of carbon dioxide from the atmosphere over a 15-year period; this equates to around 5 million metric tons of CO2 removed from the atmosphere. Since 2020 Ecosia has removed around 0.01% of the CO2 in the atmosphere.
Ecosia donates 80% of their profits to tree-planting charities – nice and simple! It is worth noting that this is far in excess of the 50% donation percentage offered by most other charities. It is important to note that the tree-planting projects that Ecosia supports will help to give paid work … Read the rest
HIPAA Requirements For Passwords
Did you know that the HIPAA security requirements include guidelines for creating and deploying a password management policy, which covers creating, changing and protecting passwords? These guidelines were established under the HIPAA Security Rule, and the HIPAA Security Rule requires Security Awareness and Training for creating policies and procedures on how to perform the storing, changing and creation of passwords.
Complying With HIPAA Security Policies
Many security professionals tend to argue over the HIPAA best practices for passwords, but they are all in agreement that passwords should be a minimum of 8 characters and include upper and lower case letters, numbers, and special characters. This practice has been challenged in recent years, as has the practice of enforcing changes to passwords regularly. However, keep in mind that many healthcare organizations are choosing to make it a minimum of 12 characters.
Keeping up with randomly … Read the rest