Category: News

Actively exploited Mac 0-day neutered core OS security defenses

source: https://arstechnica.com/gadgets/2021/04/actively-exploited-mac-0-day-neutered-core-os-security-defenses/ Excerpt: When Apple released the latest version 11.3 for macOS on Monday, it didn’t just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms, some that were in place for more than a decade.   FURTHER READING iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever Together, the defenses provide a comprehensive […]

Windows 10 bug corrupts your hard drive on seeing this file’s icon

source: https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/ An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly. “Critically underestimated” NTFS vulnerability In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that […]

Google discloses a zero-day vulnerability in Windows, currently exploited in the wild

Excerpt: “Google’s Project Zero team known to discover security threats has disclosed a zero-day vulnerability in Windows that affects versions from Windows 7 all the way to Windows 10 version 1903. The company’s post says that it has evidence of active exploits, which could allow attackers to execute code with elevated permissions. What’s interesting is that the vulnerability that is tracked with the label CVE-2020-17087, coupled with another actively exploited Chrome zero-day vulnerability disclosed last week (CVE-2020-15999), performs what […]

News Release: DHS Awards $2M to University of Illinois-Led Consortium to Create National Network of Cybersecurity Institutes

Excerpt: News Release: DHS Awards $2M to University of Illinois-Led Consortium to Create National Network of Cybersecurity Institutes WASHINGTON, DC – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to the Critical Infrastructure Resilience Institute (CIRI), a DHS Center of Excellence (COE) led by the University of Illinois at Urbana-Champaign (UIUC), to develop a plan that CISA can execute to build a national network of […]

Multiple Desktops in Windows 10! (Just like Linux!)

  From Software contract Solutions: Virtual desktops: Group apps into separate screens This lets you organize your running applications into separate groupings for various purposes. When you’re in a virtual desktop, you’ll see only the apps running in it, which can help minimize distractions. For example, you could create one virtual desktop for applications you use for work and a second virtual desktop to run applications that you use for personal reasons. Or you could […]

Why You Need An Cyber-Education Plan!

Contact The IT Guys to start a routine, periodic education program for employees/users of any business-not just our HIPAA-Specific Training… Phishing fears cause workers to reject genuine business communications excerpt: Centers for Disease Control and Prevention (CDC) activated its Emergency Operations Center to assist public health partners in responding to COVID-19. Notifications about the pandemic are one example of messaging that some recipients fear to be phishing scams. (CDC) COVID-19 contact tracers are reportedly having difficulties alerting […]

10 Technologies for Grey Zone Conflicts

  Ten Technologies to Stop Grey Zone Attacks The report breaks grey zone attacks down into five categories: Deniable attacks: A cyber attack on utilities or drones attacking an airport Information attacks: Foreign election interference or false text message/email scams User of proxy force: Terrorist attacks on cities or infrastructure Economic coercion: An adversary purchasing and disabling a piece of infrastructure such as an oil refinery Territorial encroachment: Seizing a fishing lane or sovereign territory It also describes 10 […]

11 Minutes of What I Wish All My Customers Could Watch

Imagine your company hires a new employee and then everyone just ignores them, day in and day out, while they sit alone at their desk getting paid to do nothing. This situation actually happens all the time — when companies invest millions of dollars in new tech tools only to have frustrated employees disregard them, says Nadjia Yousif. In this fun and practical talk, she offers advice on how to better collaborate with the technologies […]

7 Steps to Becoming HIPAA Compliant

7 Steps to Becoming HIPAA Compliant 1 Develop and enforce policies and procedures. 2 Appoint or designate a HIPAA Compliance Officer. 3 Conduct effective employee and management training. 4 Establish effective channels of communication. 5 Conduct internal monitoring and auditing. 6 Respond to breaches and undertake corrective action. 7 Assess policies and procedures and amend as necessary. Call The IT Guys to get on track with compliance before you are hit with a multi-million dollar […]

Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People

“If large health insurance entities don’t invest the time and effort to identify their security vulnerabilities, be they technical or human, hackers surely will. This case vividly demonstrates the damage that results when hackers are allowed to roam undetected in a computer system for nearly nine months,” said Roger Severino, OCR Director.  September 25, 2020 Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People   Premera Blue Cross (PBC) has […]

Next Page »