FTC – Disaster scams best practices DEC-2021

Uncategorized Comments Off on FTC – Disaster scams best practices DEC-2021

An excellent list of safety tips from FTC to help avoid Disaster scams, esp. related to recent tornado outbreaks.  It’s better to give thru well established organizations (Red Cross, Samaritan’s Purse, etc.) where assurances most of $$$ collected goes directly for the needs. How to spot, stop, and report post-disaster scams | FTC Consumer Information […]

Apache Server – Security update DEC-2021

Uncategorized Comments Off on Apache Server – Security update DEC-2021

Security updates have been released for Apache Server  addressing 2 new vulnerabilities  Apache Releases Security Update for HTTP Server | CISA Apache HTTP Server 2.4 vulnerabilities – The Apache HTTP Server Project Apache HTTP Server Project The Apache Software Foundation has released Apache HTTP Server 2.4.52. This version addresses vulnerabilities—CVE-2021-44790 and CVE-2021-44224—one of which may allow a remote […]

CISA – emergency directive for LOG4J zero-day exploits DEC-2021

Uncategorized Comments Off on CISA – emergency directive for LOG4J zero-day exploits DEC-2021

CISA has issued an emergency GOVT directive for LOG4J zero-day exploits circulating actively in the wild on unpatched Apache servers CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities | CISA https://www.cisa.gov/emergency-directive-22-02 Mitigating Log4Shell and Other Log4j-Related Vulnerabilities | CISA CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal […]

Apache Web servers – CrowdStrike shares in-depth on 0-day LOG4J exploits

Uncategorized Comments Off on Apache Web servers – CrowdStrike shares in-depth on 0-day LOG4J exploits

CrowdStrike shares in-depth research for the zero-day LOG4J exploit attacks Widespread Log4j Remote Code Execution Vulnerability Could Affect Millions — Redmondmag.com Log4j2 Zero Day Vulnerability Update | CrowdCast | CrowdStrike CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently […]

Microsoft Edge – new Internet Explorer mode for legacy apps

Uncategorized Comments Off on Microsoft Edge – new Internet Explorer mode for legacy apps

Microsoft is introducing a new Internet Explorer mode via the cloud & edge for legacy apps that still can only run under IE.  After June 2022, all IE support will end. Microsoft Releases New Cloud Tool for Orgs Stuck on Internet Explorer — Redmondmag.com Cloud Site List Management experience for IE mode in Microsoft Edge […]

Malware – Contact Forms generates dangerous email links DEC-2021

Uncategorized Comments Off on Malware – Contact Forms generates dangerous email links DEC-2021

Contact Forms uses a website’s contact mechanism to generate dangerous email links as documented by SANS ISC https://isc.sans.edu/forums/diary/How+the+Contact+Forms+campaign+tricks+people/28142/ “Contact Forms” is a campaign that uses a web site’s contact form to email malicious links disguised as some sort of legal complaint.  We’ve seen this campaign push BazarLoader malware and distribute Sliver, but recently it’s been pushing IcedID (Bokbot).  […]

CISA – Best practices for securing 5G Cloud Infrastructures project – part 4

Uncategorized Comments Off on CISA – Best practices for securing 5G Cloud Infrastructures project – part 4

Best practices are are being created for protecting critical cloud applications that use “5G” wireless connectivity … Security ADMINS should continue to track future developments NSA-CISA Series on Securing 5G Cloud Infrastructure NSA and CISA Release Final Part IV of Guidance on Securing 5G Cloud Infrastructures | CISA CISA has announced the joint National Security Agency (NSA) […]

SANS ISC – rare YELLOW alert declared for LOG4SHELL  CVE-2021-44228 attacks

Uncategorized Comments Off on SANS ISC – rare YELLOW alert declared for LOG4SHELL  CVE-2021-44228 attacks

This new APACHE web server exploit is one of most serious attacks in years https://isc.sans.edu/forums/diary/Log4j+2150+and+previously+suggested+mitigations+may+not+be+enough/28134/ https://isc.sans.edu/forums/diary/Log4j+Getting+ready+for+the+long+haul+CVE202144228/28130/ https://isc.sans.edu/forums/diary/RCE+in+log4j+Log4Shell+or+how+things+can+get+bad+quickly/28120/   Friday (Dec. 10th), we moved our Infocon to “Yellow” for the first time in about two years. We saw an immediate need to get the word out as the log4shell vulnerability ( CVE-2021-44228) was actively exploited and affected various […]

FTC – End of year fake charity scams increase DEC-2021

Uncategorized Comments Off on FTC – End of year fake charity scams increase DEC-2021

Tis’ the season to be alert for SCAMS– and the FTC shares valuable safety tips Make your donation count by avoiding end-of-year charity scams | FTC Consumer Information The season of giving is here. If you celebrate Christmas, you might be about to fill some stockings. But, for many, holiday giving includes supporting charitable causes. […]

FTC – Gift Card SCAM alert DEC-2021

Uncategorized Comments Off on FTC – Gift Card SCAM alert DEC-2021

The FTC reminds consumers to be alert for Gift Card SCAMs circulating actively this time of year & particularly used in Romance & “money-mule” scam attacks Scammers are tricking more people into buying gift cards | FTC Consumer Information According to the newest Data Spotlight, 40,000 people reported losing a whopping $148 million in gift […]


© 2022 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in