Category Archives: Cybersecurity
Microsoft Patched 100 Vulnerabilities
Microsoft pushed a hefty list of patches on Tuesday to fix over 100 vulnerabilities, with 16 CVEs making the critical list.
This is actually the third month that Microsoft has pushed patches for over 100 vulnerabilities. May’s list does not contain any vulnerabilities currently being exploited in the wild, which is a good thing.
Make sure that you are always patching your systems.
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to Remove Radmin Viewer with PowerShell
- How to Automate Ubuntu Server System Updates and Package Installation
- Introducing Zevonix: Your Pathway to Smarter IT
Sophos XG Firewall Vulnerability
Hackers have been targeting the Sophos XG Firewall with a zero-day exploit that allows them to inject the Asnarok malware.
Sophos said in their blog: “The attack affected systems configured with either the administration interface (HTTPS admin service) or the user portal exposed on the WAN zone. In addition, firewalls manually configured to expose a firewall service (e.g. SSL VPN, SPX Portal) to the WAN zone that shares the same port as the admin or User Portal were also affected.”
What was compromised?
It was found that the data impacted on the firewall was all local usernames and hashed passwords of any local user accounts. This means local device admins, user portal accounts, and accounts used for remote access. However, the passwords associated with external authentication like Active Directory (AD) or LDAP were not compromised.
Have I been compromised?
Well, Sophos best practice is to make sure the firewall … Read the rest
Is OpenDNS Umbrella HIPAA Compliant?
So the question you’re asking: Is OpenDNS Umbrella HIPAA compliant? Surely OpenDNS Umbrella and its software client are questionable, right? Is this a breach of HIPAA compliance?
Let’s Review The Basics…
Let’s go back to the basics. OpenDNS is a company and service that extends the Domain Name System by adding features such as logging, phishing protection, malware protection and content filtering in addition to DNS lookup, if its DNS servers are used. Knowing this, it already seems to be better than Comcast DNS of 75.75.75.75 or Google’s DNS of 8.8.8.8. OpenDNS Umbrella actually provides something of value.
Let’s look at exactly how a DNS request works.
- A DNS request starts when you try to access a computer on the internet. For example, you type PatrickDomingues.com in your browser address bar.
- The first stop for the DNS request is the local DNS cache. As you access different computers,
Zeus Sphinx Banking Trojan Ramps Up During COVID19
The Zeus and Sphinx Banking Trojan is showing off its ugly face more often now during COVID19, lurking and targeting desperate users looking for information about COVID19.
According to researchers Amir Gandler and Limor Kessem at IBM X-Force, the volume of Zeus and Sphinx malware increased significantly in March 2020. It was clear that the operators were looking to take advantage of government relief payments to people and companies affected by COVID19.
In March 2020, these phishing and malspam campaign emails told targets that they needed to fill out an attached form to receive coronavirus relief from the government. The new Zeus and Sphinx Banking Trojan variant is spreading via coronavirus-themed email sent to victims in the U.S., Canada and Australia, housed in malicious attachments named “COVID 19 relief,” according to an X-Force blog posting on Monday.
Stay vigilant and review these Email Security Tips you can … Read the rest
TOP Horrible Passwords To Use For 2020
How many Horrible Passwords are there? Let me tell you, there are about 500 of them, and we will show you the TOP Horrible Passwords To Use For 2020. Any password documented publicly or available on the dark web can be used in a dictionary attack. This is a form of brute-force attack that defeats a cipher or authentication mechanism by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary, as its decryption key or passphrase.
NO | Top 1-100 | Top 101–200 | Top 201–300 | Top 301–400 | Top 401–500 |
1 | 123456 | porsche | firebird | prince | rosebud |
2 | password | guitar | butter | beach | jaguar |
3 | 12345678 | chelsea | united | amateur | great |
4 | 1234 | black | turtle | 7777777 | cool |
5 | pussy | diamond | steelers | muffin | cooper |
6 | 12345 | nascar | tiffany | redsox | 1313 |
7 | dragon | jackson | zxcvbn | star | scorpio |
8 | qwerty | cameron | tomcat | testing | mountain |
9 | 696969 | 654321 | golf | shannon | madison |
CoronaVirus Business Continuity Plan Checklist
No one can predict the future; however, you can be ready with a sound CoronaVirus Business Continuity Plan. This CoronaVirus business continuity checklist is the first step in the BCP process. The checklist is not an exhaustive list; it is a simple tool that can be used to ensure that the basic CoronaVirus Business Continuity Plan process has been initiated and that division management has considered what needs to be done to keep essential functions operating if an adverse event occurs. The CoronaVirus Business Continuity Plan Checklist is somewhat “information centric”, as organisations’ reliance on information is increasing and its successful management provides a competitive advantage.
Help your users spot Covid-19 phishing emails
As the Covid-19 pandemic grows, scammers are capitalizing on public fear, using email phishing to steal money and data.
World Health Organisation Advice
With growing confusion around the next steps to take, scammers can slip through the cracks with health advice emails, emails advising people to sign up to a doctor, and fake links to “safety tips”.
Some emails are even claiming to have found a cure for the virus! As of yet (13th March 2020), there is no vaccine, so these emails should be deleted immediately.
To verify that an email is legitimate, contact the World Health Organisation directly, and if it is a phishing email, flag it as fraud to help others avoid the mistake of giving these scammers their details.
The World Health Organisation has recommended checking the original email address to make sure it … Read the rest
Unpatched Systems Are Still A Major Attack Vector
Unpatched systems are still a major attack vector for hackers. These unpatched systems can invite major troubles for an organization. The issue can turn worse when the organization falls victim to a data breach and compromises confidential data.
Time and time again, the same vulnerabilities were found to be the top vector for exploitation via phishing attacks whose payloads targeted specific flaws in the Microsoft product line.
Top flaws
Some flaws that have been actively used to launch attacks are:
- CVE-2016-0189 – Memory corruption flaw in Microsoft’s Internet Explorer
- CVE-2017-8570 – Remote code execution flaw in Microsoft Office
- CVE-2017-0143 – Affects SMBv1 protocol
- CVE-2018-11776 – Remote code execution flaw in Apache Struts
- CVE-2017-11882 – Remote code execution flaw in Microsoft Office
- CVE-2009-3129 – Remote code execution in Microsoft Excel/Word
- CVE-2017-11774 – Security Feature Bypass vulnerability in Microsoft Outlook
Bottom line
It is no surprise that
Apps In Google Play Store Found With Haken Malware
The Haken malware obtains sensitive data from victims and secretly signs them up for expensive premium subscription services.
The eight apps that were found have since been removed. They had collectively been downloaded 50,000 times. These apps were utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised, but in the background covertly perform an array of malicious functions.
“Haken has shown clicking capabilities while staying under the radar of Google Play,” said researchers from Check Point Research. “Even with a relatively low download count of 50,000+, this campaign has shown the ability that malicious actors have to generate revenue from fraudulent advertising campaigns.”
The Google Play store has been battered with new variants of malware, so try to stay clear of random free apps that are unknown.
… Read the rest
You’re Not HIPAA Compliant Using Windows Server 2008
If you’re using Windows Server 2008 or older on your network, you are not HIPAA compliant, and you should be ashamed of putting your clients’ and patients’ information at risk.
What do Windows Server 2008 “END OF LIFE” and HIPAA mean for you?
What you need to worry about is that Windows Server 2008 will no longer receive Windows security updates for vulnerabilities, and this in itself is a breach of HIPAA compliance. This also means that Microsoft will no longer offer technical support for any issues, software updates, and security updates or fixes.
One of the main reasons why You’re Not HIPAA Compliant Using Windows Server 2008 is the lack of security updates and fixes. This puts all information stored on Windows Server 2008, including confidential client information, at risk. Hackers and external security threats will know about this stop date, and as such will … Read the rest