Ransomware – ISC shares 2FA and other defenses

Uncategorized Comments Off on Ransomware – ISC shares 2FA and other defenses

Based on Colonial pipeline & other attacks, a lack of 2-factor authentication (2FA) for remote access to consoles is sited as a key weakness. Ransomware Defenses (sans.edu) But the CISA.gov Ransomware Guide published last September has a decent list of additional advice that is worth reading.  From what became known of recent successful attacks, it looks […]

CISA – SolarWinds Orion exploit removal guidance May 2021

Uncategorized Comments Off on CISA – SolarWinds Orion exploit removal guidance May 2021

CISA continues to update guidance & information related to an exploit implanted into SolarWinds Orion security software that was used by numerous GOVT & business customers. CISA Publishes Eviction Guidance for Networks Affected by SolarWinds and AD/M365 Compromise | CISA Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise | CISA CISA […]

Google I/O 2021 conference – May 18-20 2021

Uncategorized Comments Off on Google I/O 2021 conference – May 18-20 2021

The virtual free Google I/O 2021 conference takes place from May 18 to May 20 What to Expect at Google I/O 2021 | PCMag Register for Google I/O 2021 This year, the search giant is back with its first-ever virtual I/O, which promises “significant product updates and announcements,” according to Google and Alphabet CEO Sundar Pichai. […]

FTC – Cryptocurrency Scams warning May 2021

Uncategorized Comments Off on FTC – Cryptocurrency Scams warning May 2021

FTC warns of 10X increase in Cryptocurrency Scams during past 12 months. FTC to Consumers: Be Careful, Cryptocurrency Scams Are Booming | PCMag FTC Data Shows Huge Spike in Cryptocurrency Investment Scams | Federal Trade Commission Be careful with your Bitcoin investments. The number of people who’ve fallen for cryptocurrency scams has been skyrocketing, according to the […]

RSA – 2021 Security conference May 17-20 2021

Uncategorized Comments Off on RSA – 2021 Security conference May 17-20 2021

What to Expect at the (Virtual) 2021 RSA Conference | PCMag The RSA Conference (RSAC) is, typically, the late-spring San Francisco gathering of the security industry’s greatest minds and biggest companies. But since 2021 is an even less typical year than 2020, RSAC is forgoing the physical gathering and fully embracing a virtual event. Here’s […]

Security – Industrial Control System weaknesses May 2021

Uncategorized Comments Off on Security – Industrial Control System weaknesses May 2021

SANS ISC shares research related to Industrial Control system (ICS) weaknesses found across the internet. Many firms use RDP or VNC connectivity tools to the control center.  And while most major systems are locked down, there are exceptions in review of port 5900 & 5901 analysis.  However some firms are “WIDE OPEN” where with VNC […]

WordPress 5.7.2 – security update May 2021

Uncategorized Comments Off on WordPress 5.7.2 – security update May 2021

WordPress Releases Security Update | CISA News – WordPress 5.7.2 Security Release – WordPress.org WordPress versions between 3.7 and 5.7.1 are affected by a security vulnerability. An attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.7.2.  This […]

Security – 80,000 firms with Industrial Control system exposures

Uncategorized Comments Off on Security – 80,000 firms with Industrial Control system exposures

SANS ISC shares that improvements are being made to reduce Industrial Control system exposures over the internet.  Still, an estimated 80,000 firms are exposed based on recent research. Number of industrial control systems on the internet is lower then in 2020…but still far from zero (sans.edu) With the recent ransomware attack that impacted operation of […]

FBI – Best Practices to Prevent DarkSide Ransomware

Uncategorized Comments Off on FBI – Best Practices to Prevent DarkSide Ransomware

DarkSide Ransomware is the malware that disrupted the Colonial pipeline creating a massive outage for gasoline throughout the eastern USA, with about 50% reduction of availability.  CISA & FBI share an awareness & best practices to prevent similar occurrences within our national infrastructure & service firms Joint CISA-FBI Cybersecurity Advisory on DarkSide Ransomware | CISA […]

Microsoft MAY 2021 – Patch now for possible worm vulnerability

Uncategorized Comments Off on Microsoft MAY 2021 – Patch now for possible worm vulnerability

SANS ISC shares potential for one of the critical CVEs patched to work without interaction on unpatched systems (as a network “worm” attack).  ADMINs should promptly update all vulnerable systems Microsoft May 2021 Patch Tuesday (sans.edu) One of the critical vulnerabilities which requires special attention this month is a remote code execution (RCE) on HTTP Protocol […]


© 2022 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in