720-891-1663

Security News for the Week Ending May 20, 2022

Flaw in uClibc Allows DNS Poisoning Attacks A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices. The library is likely used in milliosn of Internet of Things devices that will never be patched and will always be vulnerable. This is where […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Bluetooth Spec Says it is not Secure – They Are Right

There have been many issues over the years with passive (keyless) entry systems, including but not limited to vehicles. In this case, researchers at the NCC Group used a “relay attack” to not only unlock a Tesla Model 3, but also start it and drive away. A relay attack works like this. You take one […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending May 13, 2022

Chinese Sponsored OPERATION CUCKOOBEES Active for Many Years Researchers with cybersecurity firm Cybereason briefed the FBI and Justice Department as early as 2019 about Operation CuckooBees, an alleged espionage effort by Chinese state-sponsored hackers (named Winnti or APT41) to steal proprietary information from dozens of global defense, energy, biotech, aerospace and pharmaceutical companies. The companies […]

Continue reading → [DISPLAY_ACURAX_ICONS]

UK, Australia, Canada, New Zealand and US Warn of Attacks on MSPs

Many or possibly most small businesses don’t have an internal IT department. They rely on a third party to help them manage their IT assets. These third parties are called Managed Service Providers (MSPs) or sometimes Managed Security Service Providers (MSSPs). This is not inherently bad. But many of these MSPs are not much larger […]

Continue reading → [DISPLAY_ACURAX_ICONS]