Category Archives: Cybersecurity


New Phishing Trick That Can Bypass Email URL Filters

Attackers have come up with a new phishing trick that makes Office documents carrying malicious links undetectable by many email security services: they delete the links from the document’s relationship file (xml.rels). Security professionals have seen this trick in email spam campaigns, where the URLs direct victims to a credential-harvesting login page.

How does it work?

What makes up an Office document? “Office documents (.docx, .xlsx, .pptx) are made up of a number of XML files that include all the font, image, formatting, and object information which make up the document,” Avanan researchers explain.

The xml.rels file maps the relationships within the document and with resources outside of it. When the document includes web links, they are added to the xml.rels file.

How does your spam filter or antivirus go about …


Users Affected by 19-Year-Old WinRAR Flaw

WinRAR, one of the world’s most popular compression tools, has finally released a patch for a flaw that has affected 500 million users over the past 19 years, and is urging users to update.

What is the vulnerability?

The UNACEv2.DLL vulnerability was discovered by security researchers from Check Point Software, who noted that it affects all WinRAR versions released in the last 19 years. The vulnerability allows an attacker to deliver a malicious compressed file to a user; once the user extracts the archive, malware can be written into the Windows startup location of the computer and executed.

WinRAR has released WinRAR 5.70 Beta 2, which addresses this vulnerability, tracked under the identifiers CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253.


Data Breach At UW Medicine

The data breach at Seattle’s UW Medicine exposed around 974,000 patient records. The files that were made public did not contain anything too revealing: no medical or financial information or Social Security numbers were readable. The exposed content consisted of names, medical record numbers, and descriptions.

How did this happen? A public-facing server that hosts their websites had a vulnerability that made internal files searchable on the internet. The good news is that corrective actions have been taken and the files are no longer available.


“UW Medicine became aware of a vulnerability on a website server that made protected internal files available and visible by search on the internet on Dec. 4, 2018,” spokeswoman Susan Gregg said in a statement. “The files contained protected health information (PHI) about reporting that UW Medicine is legally required to track, such as reporting to various


Have I Been Compromised Online?

So you’re clicking around on the internet, you come across news of compromised companies, and now you’re wondering: have I been compromised online? Are my usernames and passwords available online? Unfortunately, the answer is that your information is probably on the dark web, up for grabs for anyone to take.


Data breaches have become quite common, and there isn’t anything you can do about other companies’ security or how they practice their cybersecurity protections. It is astonishing how many websites are hacked every day; if you’re registered on any given website, you’re taking a gamble.

Web Hosting/Website Statistics and Facts 2019 from hostingfacts.com

  • As of December 2018, there are approximately 1.94 billion websites in the world.
  • The world’s first website was published on August 6, 1991 by British physicist Tim Berners-Lee.
  • 8 percent of all Internet traffic comes from bots, while only 48.2 percent of internet traffic

Trickbot can now obtain your remote access credentials

The banking Trojan Trickbot has been updated and can now harvest usernames and passwords from remote-access applications. This would allow an attacker to remote into systems using the credentials obtained.

Trend Micro analysts stated: “The malware arrives via an email disguised as a tax incentive notification from a major financial services company. This email includes a macro enabled (XLSM) Microsoft Excel spreadsheet attachment (detected as Trojan.W97M.MERETAM.A) that purportedly contains the details of the tax incentive. However, as these attachments usually go, this macro is malicious and will download and deploy Trickbot on the user’s machine once activated.”


The figure below is the email that a victim receives, with the malware payload disguised as an attached Excel document. Please be vigilant: don’t open an attachment unless you know who it is from and are expecting it.


You can be safer by following the best …


HIPAA Compliance Checklist

Are you looking for a HIPAA Compliance Checklist to self-evaluate your practice or organization? I have created an easy-to-read document that does just that.

This HIPAA Compliance Checklist was built upon a previous post, HIPAA Compliance Program Tips, which discussed The Seven Fundamental Elements of an Effective Compliance Program (the first being implementing written policies, procedures and standards of conduct).

This checklist was created only from general knowledge of the questions and answers you should have in place to state that you are HIPAA compliant, and it does not qualify as legal advice. Successfully completing this checklist DOES NOT certify that you or your organization are HIPAA compliant.


Critical vulnerability in WordPress plugin Simple Social Buttons

There is a critical vulnerability in the WordPress plugin called Simple Social Buttons. The vulnerability allows a non-admin user to modify your WordPress installation and take over your website.

So what is the issue here? Researchers with WebARX stated on Monday (2-11-19) that the vulnerability results from two issues in the Simple Social Buttons plugin: how the application was coded, and a lack of permission checks. The vulnerability allows any user type to change any option in the ‘wp_options’ database table, which is where the crucial configuration of a WordPress installation is stored.

“Improper application design flow, chained with lack of permission check resulted in privilege-escalation and unauthorized actions in WordPress installation allowing non-admin users, even subscriber user type to modify WordPress installation options from the wp_options table,” Luka Sikic, developer and researcher with WebARX, stated in a Monday post.


HIPAA Compliance Program Tips

Here are the fundamental and practical tips for achieving HIPAA compliance in your organization.

The Seven Fundamental Elements of an Effective Compliance Program

  1. Implementing written policies, procedures and standards of conduct.
  2. Designating a compliance officer and compliance committee.
  3. Conducting effective training and education.
  4. Developing effective lines of communication.
  5. Conducting internal monitoring and auditing.
  6. Enforcing standards through well-publicized disciplinary guidelines.
  7. Responding promptly to detected offenses and undertaking corrective action.


Five Practical Tips for Creating A Culture of Compliance

  1. Make compliance plans a priority now.
  2. Know your fraud and abuse risk areas.
  3. Manage your financial relationships.
  4. Just because your competitor is doing something doesn’t mean you can or should. Call 1-800-HHS-TIPS to report suspect practices.
  5. When in doubt, ask for help.


Feel free to comment below if you need assistance or have any questions regarding HIPAA compliance, and click on the following post if you are looking for a HIPAA Compliance Checklist.



Slack has upcoming HIPAA Compliant Features

Slack has been working hard and now has some HIPAA-compliant features in the works. So far, their file upload service is the only feature that is HIPAA compliant. Let’s not shy away from the vendor just yet, because they are NIST compliant, which plays a role in HIPAA.


Since its launch, Slack has not been HIPAA compliant, although steps have been taken to develop a version of the platform that can be used by healthcare organizations. That version is called Slack Enterprise Grid.

The only HIPAA-compliant Slack offering is Enterprise Grid, which is not the same as the other business plans. Slack Enterprise Grid is built on a more robust platform designed for 500 or more employees.

The Slack Enterprise Grid platform encrypts data in transit and at rest, and it offers customer message retention and data loss prevention, which is a step …


Remote Desktop Protocol Has Plenty of Code-Execution Flaws

Remote Desktop Protocol has plenty of code-execution flaws in both open-source RDP implementations and Microsoft’s RDP client. These make it possible for a malicious actor to infect a client computer and then intrude into the IT network as a whole.

What IS RDP?

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software. Clients exist for most versions of Microsoft Windows (including Windows Mobile), Linux, Unix, macOS, iOS, Android, and other operating systems. RDP servers are built into Windows operating systems; an RDP server for Unix and OS X also exists.

So What Is The Issue?

According to Check Point research released on Tuesday at a Las Vegas event, open-source and Microsoft …