“While the cat is away – the mice will play” .. As alll in IT field need R&R — CISA shares it’s an optimal time frame to launch new innovative attacks as ADMINS may be more apt to be “out of office” FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends | CISA Ransomware Awareness […]
CISA Adds Single-Factor Authentication to list of Bad Practices | CISA https://www.cisa.gov/BadPractices Today, CISA added the use of single-factor authentication for remote or administrative access systems to our Bad Practices list of exceptionally risky cybersecurity practices. Single-factor authentication is a common low-security method of authentication. It only requires matching one factor—such as a password—to a username […]
Many “flavors” of Ransomware are circulating as some of most dangerous active security threats FBI Releases Indicators of Compromise Associated with Hive Ransomware | CISA 210825.pdf (ic3.gov) The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware attacks by Hive, a […]
ADMINS should pilot test & roll out recent critical updates for VMWARE as a leading virtual solution. These updates usually occur more on quarterly than monthly basis as a fairly secure partitioning environment VMware Releases Security Updates for Multiple Products | CISA VMSA-2021-0018 (vmware.com) Advisory ID: VMSA-2021-0018 CVSSv3 Range: 4.4 – 8.6 Issue Date: 2021-08-24 […]
Microsoft, Google, and other major vendors are committing funding to help improve national cybersecurity Microsoft Pledges $20B Cybersecurity Investment After White House Talk — Redmondmag.com Google, Microsoft, Others Promise to Spend Billions to Improve National Cybersecurity | PCMag Big tech companies pledged money and efforts following an Aug. 25 Biden administration meeting on U.S. cybersecurity […]
While the survey yielded a divided result, there was some growth in better labeling or even deleting false information based on recent polling. Nearly Half of Americans Want the Government to Restrict Misinformation Online | PCMag Above all else, Americans value their freedom. Freedom of speech allows us to say what we want and speak […]
FTC shares awareness that fake COVID-19 VAX or fake test results are more serious than folks might imagine. One should avoid risks associated with using fake information to gain public access based on these warnings. Don’t buy fake COVID-19 vaccine cards or negative test results. Here’s why | FTC Consumer Information More and more places […]
Quick UDP Internet Connection protocol is a new network protocol standard that can fit within the TCP/IP network stream using special packaged UDP with 2021 security standards & performance efficiencies rather than the more wide open TCP/IP developed decades ago. Microsoft Embracing Native QUIC in Newer Windows OSes and Edge Browser — Redmondmag.com What’s QUIC? […]
SANS ISC shares an example of active EXE based exploits in WORD documents, even though VBA macros are no longer in use for latest versions of Office. Malicious scripts, web links, and EXEs are popular methods of infection even in WORD. .docx With Embedded EXE (sans.edu) If you are familiar with maldocs, you know that […]
The FBI have shared an alert of increased ransomware attacks by the OnePercent Group FBI Releases Indicators of Compromise Associated with OnePercent Group Ransomware | CISA 210823.pdf (ic3.gov) The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by the OnePercent Group, a cyber-criminal organization known […]
