source: https://arstechnica.com/gadgets/2021/04/actively-exploited-mac-0-day-neutered-core-os-security-defenses/ Excerpt: When Apple released the latest version 11.3 for macOS on Monday, it didn’t just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms, some that were in place for more than a decade. […]
source: https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/ An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly. “Critically underestimated” NTFS vulnerability In […]
Excerpt: “Google’s Project Zero team known to discover security threats has disclosed a zero-day vulnerability in Windows that affects versions from Windows 7 all the way to Windows 10 version 1903. The company’s post says that it has evidence of active exploits, which could allow attackers to execute code with elevated permissions. What’s interesting is that the […]
Excerpt: News Release: DHS Awards $2M to University of Illinois-Led Consortium to Create National Network of Cybersecurity Institutes WASHINGTON, DC – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to the Critical Infrastructure Resilience Institute (CIRI), a DHS Center of Excellence (COE) led by the […]
From Software contract Solutions: Virtual desktops: Group apps into separate screens This lets you organize your running applications into separate groupings for various purposes. When you’re in a virtual desktop, you’ll see only the apps running in it, which can help minimize distractions. For example, you could create one virtual desktop for applications you […]
Contact The IT Guys to start a routine, periodic education program for employees/users of any business-not just our HIPAA-Specific Training… Phishing fears cause workers to reject genuine business communications excerpt: Centers for Disease Control and Prevention (CDC) activated its Emergency Operations Center to assist public health partners in responding to COVID-19. Notifications about the pandemic […]
Ten Technologies to Stop Grey Zone Attacks The report breaks grey zone attacks down into five categories: Deniable attacks: A cyber attack on utilities or drones attacking an airport Information attacks: Foreign election interference or false text message/email scams User of proxy force: Terrorist attacks on cities or infrastructure Economic coercion: An adversary purchasing and disabling a […]
Imagine your company hires a new employee and then everyone just ignores them, day in and day out, while they sit alone at their desk getting paid to do nothing. This situation actually happens all the time — when companies invest millions of dollars in new tech tools only to have frustrated employees disregard them, […]
7 Steps to Becoming HIPAA Compliant 1 Develop and enforce policies and procedures. 2 Appoint or designate a HIPAA Compliance Officer. 3 Conduct effective employee and management training. 4 Establish effective channels of communication. 5 Conduct internal monitoring and auditing. 6 Respond to breaches and undertake corrective action. 7 Assess policies and procedures and amend […]
“If large health insurance entities don’t invest the time and effort to identify their security vulnerabilities, be they technical or human, hackers surely will. This case vividly demonstrates the damage that results when hackers are allowed to roam undetected in a computer system for nearly nine months,” said Roger Severino, OCR Director. September 25, 2020 […]
