HPE SAS SSD users need to install a critical firmware patch or they’ll lose their SSDs, including their data.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Do you own one of these systems?
Category Archives: Security Threats and Solutions
SIM-Swapping Is the Biggest Security Threat You Face and Almost No One Is Trying to Fix It. Here’s Why It Matters.
Imagine you try to log into your bank account one day to setup a payment on your mortgage. You realize that something’s wrong when the bank’s website tells you you’ve entered the wrong password. That’s strange, you think as you click the link to “reset your password.” It’s an easy process, but first, the bank requires that you prove you’re actually you, by sending a simple text message with a six-digit code to the mobile phone number on file. But when you request your code, the text never comes. …
inc.com click the link to read the rest of the story. Our FREE Tools can help!
How do you keep ahead of all of these threats?
Join the conversation on our Facebook Page!
fake software update downloads malware when you click ‘later’
The hacking campaign has two variations, according to tech security company Zscaler, which has been tracking it. In the first version, the crooks hack into insecure WordPress sites using the theme plugin vulnerability and inject malicious redirect scripts into the compromised site. This allows them to display a fake Flash Player update alert to the user over the compromised site, which aims to trick website visitors into starting a software update. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Do you determine whether an update is real or not?
How SMS Works—and Why You Shouldn’t Use It Anymore
Text messages are sent in a multi-step process. While your message might be encrypted from your phone to the first cell tower, it’s not encrypted after that. And your SMSC may keep the message even if both the sender and recipient delete it. ..
popularmechanics. com click the link to read the rest of the story. Our FREE Tools can help!
Do you still use sms?
Beware of public USB charging stations
Travelers are advised to avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware, the Los Angeles District Attorney said in a security alert published last week. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Do you use public charging stations?
Microsoft to apply California’s privacy law for all US users
Microsoft‘s chief privacy officer promises to apply the CCPA to all US users, not just Californians. … The California Consumer Privacy Act, or CCPA, is currently set to go into effect on January 1, 2020. The upcoming law is considered one of the most restrictive privacy legislations in the world world. … Under the CCPA, companies must be transparent about the type of data they collect from users and how they use it. In addition, companies must also provide users with the option to prevent their personal information from being sold.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Will your business be compliant in time?
Your WordPress site is at risk: These precautions and plugins can keep it secure
It’s an interesting paradox. WordPress powers 35 percent of all websites on the Internet, in part because it’s so flexible … But the paradox is that WordPress itself, along with the add-on plugins and themes. is open source. WordPress core, plugin, and theme development is done by a community of companies, professionals, and individual enthusiasts, each with varying degrees of software development and deployment skills. Each WordPress site is the sum of all those components…
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
How confident are you that your website is safe?
Firefox New Privacy Protections Lets You Track the Trackers
Firefox is taking the guesswork out of how to give yourself more privacy online providing always-on features like blocking third-party tracking cookies and cryptominers also known as Enhanced Tracking Protection.
Mozilla.org click the link to read the rest of the story. Our FREE Tools can help!
Will you use their new privacy features?
New ‘unremovable’ xHelper malware has infected 45,000 Android devices
Over the past few months, many users have complained about xHelper’s near “unremovable” state… While the trojan is currently engaging in spam and ad revenue, it also possesses other, more dangerous features. xHelper can download and install other apps, a function that the xHelper could at any point to deploy second-stage malware payloads, such as ransomware, banking trojans, DDoS bots, or password stealers.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you safe using an Android phone?
New IoT botnet army targeting small office and home routers
Tens of thousands of Wi-Fi routers are potentially vulnerable to an updated form of malware that takes advantage of known vulnerabilities to rope these devices into a botnet for the purposes of selling distributed denial of service (DDoS) attack capabilities to cyber criminals. A new variant of Gafgyt malware – which first emerged in 2014 – targets small office and home routers from well-known brands …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you using one of these routers?
This easy-to-use information-stealing trojan malware is quickly gaining popularity among cyber criminals
Racoon Stealer isn’t sophisticated, but it has stolen credit card information, passwords and more from hundreds of thousands of victims, and an aggressive marketing campaign means its popularity is still growing, security researchers warn. A new kind of easy to use trojan malware is gaining popularity among cyber criminals, providing them with simple means of stealing credit card data, passwords and cryptocurrency — and it has already infected hundreds of thousands of Windows users around the world.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Have any of your associate’s been hit, yet??
How to replace each Google service with a more privacy-friendly alternative
As privacy concerns grow, companies like Google and Facebook that rely on data collection and advertising for revenue are increasingly in the spotlight. But is it really possible to give up Google’s vast range of services? Here are recommended alternatives. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Have you given up on protecting your privacy?
The Keys To A Digital Disaster Recovery Plan For Business Leaders
As a small business owner, I found out that I was the perfect target for cybercriminals when I read certified IT professional Darren Coleman’s book, Easy Prey: How to Protect Your Business from Data Breach, Cybercrime, & Employee Fraud. It inspired me to arm myself with some common sense and the realization that I am responsible for my viral life just as I am for my real life. …
Forbes.com click the link to read the rest of the story. Our FREE Tools can help!
How do you keep informed of the threats to your business?Join the conversation on our Facebook Page!
WAV audio files are now being used to hide malicious code
Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code. … All previous instances where malware used steganography revolved around using image file formats, such as PNG or JPG. The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
How are you keeping up with all the latest threats?
FBI Warning: Multi-Factor Authentication Is Being Defeated
The FBI has now warned that it “has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks.” … But according to the FBI, this use of secondary tokens or one-time codes to back-up usernames and passwords still isn’t enough. Unless companies employ “biometrics or behavioral information—such as time of day, geolocation, or IP address,” there is a risk that an attack can either trick a user into disclosing a multi-factor authentication code or use technical interception to create one for themselves. …
Forbes.com click the link to read the rest of the story. Our FREE Tools can help!
What additional security measures do you use?Join the conversation on our Facebook Page!
California’s new privacy law gets teeth with proposed regulations
California proposed regulations on Thursday to dictate how the state will enforce its tough, new privacy law. The law, known as the California Consumer Privacy Act, gives consumers more control over how companies collect and manage their personal data. It goes into effect on Jan. 1. The CCPA, seen as establishing the most stringent data privacy protections in the nation, allows people to request that data be deleted and gives them the opportunity to opt out of having their information sold to a third party. …
Cnet.com click the link to read the rest of the story. Our FREE Tools can help!
How will this affect your business?
OneDrive adds Personal Vault option for private files and photos
A new feature in the consumer version of Microsoft’s OneDrive lets you store sensitive files in the cloud with extra encryption and authentication options. But you’ll need an Office 365 subscription for unlimited access. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Will you use this new feature?
Ransomware incident to cost Danish company a whopping $95 million
Demant, one of the world’s largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month. This marks one of the most significant losses caused by a cyber-security incident outside of the NotPetya ransomware outbreak…
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
What would it cost your business, if it took weeks to recover?
99% of all misconfigurations in the public cloud go unreported
Today’s data breaches often seem to be caused not just by malware infections or external threat actors, but human error, insiders with an ax to grind, and simple security failures. Some companies will bury their head in the sand, attempting to ignore responsible, private disclosures of data leaks, while others will act rapidly when their information — and reputation — is at stake.
According to new research released Tuesday and conducted by cybersecurity firm McAfee, titled, “Cloud-Native: The Infrastructure-as-a-Service Adoption and Risk,” the majority of IaaS misconfigurations are going unnoticed. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Have you tested your cloud service security?
Silicon Valley is terrified of California’s privacy law. Good.
In a little over three months, California will see the widest-sweeping state-wide changes to its privacy law in years. California’s Consumer Privacy Act (CCPA) kicks in on January 1 and rolls out sweeping new privacy benefits to the state’s 40 million residents — and every tech company in Silicon Valley. California’s law is similar to Europe’s GDPR. …
TechCrunch.com click the link to read the rest of the story. Our FREE Tools can help!
How are you preparing your business for the new laws?Join the conversation on our Facebook Page!
The ultimate smartphone guide to killing spyware and stalkerware
This guide will run through what spyware is, what the warning signs of infection are, and how to remove such pestilence from your mobile devices. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Did you find anything on your smartphone?
Simjacker attack exploited in the wild to track users for at least two years
Simjack exploits a technology residing on the SIM card, the attack also works independently of the user’s device type. “We have observed devices from nearly every manufacturer being successfully targeted to retrieve location: Apple, ZTE, Motorola, Samsung, Google, Huawei, and even IoT devices with SIM cards,” researchers said. The only good news is that the attack doesn’t rely on regular SMS messages…
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Do you suspect that you have been compromised?
Facebook, Microsoft: We’ll pay out $10m for tech to spot deepfake videos
If AI-generated ‘deepfake’ videos are going to spread like wildfire and cause social chaos in the future, it’s probably going to happen on Facebook… The aim is to create tech that everyone can use to detect when a video has been manipulated with AI. However, to do that, it needs to have a larger dataset of deepfake content to work with, and so far the industry doesn’t have it or a benchmark for detecting deepfakes, according to Facebook.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
What else can we do to fight these fake videos?
Cybersecurity alert: 34% of vulnerabilities found this year remain unpatched
The overall number of reported vulnerabilities in the first half of 2019 has dropped slightly from last year, but risks remain high…
TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!
How quickly do you patch fixes to these vulnerabilities?
Join the conversation on our Facebook Page!
States preparing for ransomware voter assaults
The challenge: lock down the most exposed part of the nation’s election system. … A ransomware attack in 2020 could prove devastating, preventing voters from registering or poll workers from confirming voter eligibility, officials say.
Cnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you concerned with this threat?
Ransomware hits hundreds of dentist offices in the US
Hundreds of dental practice offices in the US have had their computers infected with ransomware this week, ZDNet has learned from a source. The incident is another case of a ransomware gang compromising a software provider and using its product to deploy ransomware on customers’ systems. In this case, the software providers are The Digital Dental Record and PerCSoft…
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Was your dentist hit?
Phishing attacks jump by 21% in latest quarter, says Kaspersky
The number of worldwide phishing attacks detected by Kaspersky hit 129.9 million during the second quarter of 2019, according to a new report from the security vendor.
TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!
Have you been hit this year?
Ransomware attacks have more than doubled this year
Ransomware attacks have more than doubled this year, as criminals turn to powerful new forms of file-locking malware and additional attack techniques to conduct campaigns that are more lucrative than ever before.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Has your business been hit?
Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks
The threat actor behind the coordinated ransomware attack against multiple Texas local governments may have gained access to its computer systems via a third-party software provider. According to NPR, which first reported the development, the attackers want a collective ransom of $2.5 million. So far, there are no indications the amount has been paid.
TheNextWeb.com click the link to read the rest of the story. Our FREE Tools can help!
What would you do, if hit by an attack?Join the conversation on our Facebook Page!
Symantec fails to keep up with new industry standards
It seems that six months is not enough for Symantec to get its ducks in a row, as its anti-virus software is unable to handle new security industry standards (SHA-2 signatures), and led to Microsoft withholding updates from certain devices. In an update note for Windows 7 and Server 2008 R2, Microsoft said that when a device runs any Symantec or Norton antivirus program, and attempts to install an update signed only with SHA-2, the antivirus program blocks or deletes the update during installation, which could make the operating system stop working. …
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you still using Symantec or Norton? Why?
