Category: News

Microsoft, CISA, Confirm Windows 10 Zero-Day Attack: Can You Stop It?

source: https://www.forbes.com/sites/daveywinder/2021/09/09/warning-microsoft-confirms-new-windows-10-attack-heres-the-fix/?ss=cybersecurity&sh=482b904c4267 “Microsoft has warned Windows 10 users that a previously unknown, and therefore unpatched, security vulnerability is being exploited by cybercriminals. The zero-day is a high-rated vulnerability (falling just short of critical) that could allow an attacker to remotely execute code on the target computer and potentially gain complete control.   Additionally, Microsoft has confirmed that cybercriminals are known to be already exploiting CVE-2021-40444 and advises users to take speedy mitigation action until an official patch […]

Actively exploited Mac 0-day neutered core OS security defenses

source: https://arstechnica.com/gadgets/2021/04/actively-exploited-mac-0-day-neutered-core-os-security-defenses/ Excerpt: When Apple released the latest version 11.3 for macOS on Monday, it didn’t just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms, some that were in place for more than a decade.   FURTHER READING iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever Together, the defenses provide a comprehensive […]

Windows 10 bug corrupts your hard drive on seeing this file’s icon

source: https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/ An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly. “Critically underestimated” NTFS vulnerability In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that […]

Google discloses a zero-day vulnerability in Windows, currently exploited in the wild

Excerpt: “Google’s Project Zero team known to discover security threats has disclosed a zero-day vulnerability in Windows that affects versions from Windows 7 all the way to Windows 10 version 1903. The company’s post says that it has evidence of active exploits, which could allow attackers to execute code with elevated permissions. What’s interesting is that the vulnerability that is tracked with the label CVE-2020-17087, coupled with another actively exploited Chrome zero-day vulnerability disclosed last week (CVE-2020-15999), performs what […]

News Release: DHS Awards $2M to University of Illinois-Led Consortium to Create National Network of Cybersecurity Institutes

Excerpt: News Release: DHS Awards $2M to University of Illinois-Led Consortium to Create National Network of Cybersecurity Institutes WASHINGTON, DC – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to the Critical Infrastructure Resilience Institute (CIRI), a DHS Center of Excellence (COE) led by the University of Illinois at Urbana-Champaign (UIUC), to develop a plan that CISA can execute to build a national network of […]

Multiple Desktops in Windows 10! (Just like Linux!)

  From Software contract Solutions: Virtual desktops: Group apps into separate screens This lets you organize your running applications into separate groupings for various purposes. When you’re in a virtual desktop, you’ll see only the apps running in it, which can help minimize distractions. For example, you could create one virtual desktop for applications you use for work and a second virtual desktop to run applications that you use for personal reasons. Or you could […]

Why You Need An Cyber-Education Plan!

Contact The IT Guys to start a routine, periodic education program for employees/users of any business-not just our HIPAA-Specific Training… Phishing fears cause workers to reject genuine business communications excerpt: Centers for Disease Control and Prevention (CDC) activated its Emergency Operations Center to assist public health partners in responding to COVID-19. Notifications about the pandemic are one example of messaging that some recipients fear to be phishing scams. (CDC) COVID-19 contact tracers are reportedly having difficulties alerting […]

10 Technologies for Grey Zone Conflicts

  Ten Technologies to Stop Grey Zone Attacks The report breaks grey zone attacks down into five categories: Deniable attacks: A cyber attack on utilities or drones attacking an airport Information attacks: Foreign election interference or false text message/email scams User of proxy force: Terrorist attacks on cities or infrastructure Economic coercion: An adversary purchasing and disabling a piece of infrastructure such as an oil refinery Territorial encroachment: Seizing a fishing lane or sovereign territory It also describes 10 […]

Next Page »