720-891-1663

Almost 80% Fear Software Stack Breach

That is a big number and even if it is off by say 25% or 30%, that is still huge. Cisco Systems surveyed over a thousand organizations across Australia, India, Japan, Germany, the UK and US. All companies had revenues in excess of $500 million, so you can’t say these are small shops without a […]

Continue reading → [DISPLAY_ACURAX_ICONS]

State-Sponsored Hackers Changing Tactics to Put Companies at Risk

State-sponsored threat groups increasingly use ransomware-like attacks as cover to hide more insidious activities. Russian advanced persistent threat (APT) group Sandworm used ransomware programs to destroy data multiple times over the past six months while North Korea’s Lazarus group used infrastructure previously associated with a ransomware group for intelligence gathering campaigns. Chinese state sponsored hackers […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Hacker Uses Verified Microsoft Account to Compromise Users

Microsoft has a badge, sort of like Twitter and just like Twitter, apparently these badges can be hacked. Security firm Proofpoint first discovered the attack involving three rogue apps which were impersonating single signon and online meeting apps. If the user installs these rogue apps, they ask for permissions to their Microsoft 365 account, which […]

Continue reading → [DISPLAY_ACURAX_ICONS]

TSA Tells Airlines to Secure No-Fly-List

The TSA has issued a security directive to all US Airports and airlines telling them to tighten up their cybersecurity procedures. This after a Swiss researcher discovered an unprotected copy of the no-fly-list and other sensitive documents belonging to United Airlines feeder carrier CommuteAir. The researcher also said that he probably could have cancelled or […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Ya Know Your Ransomware Response Strategy – It Probably Doesn’t Work Any More

Probably many of you have created an incident response plan and possibly you have tested it. But likely, that plan and test of it is based on the assumption that hackers are encrypting your data. The solution to that is effective backups. The problem with that is whether your backups really good and how long […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending January 20, 2023

New York Gov Signs Right to Repair Law While industry lobbyists have done their best to water down New York’s right to repair law (and they were relatively successful at it), it is a start. It goes into effect in July, 2023 and while it excludes electronics used in government and schools, has other ridiculous […]

Continue reading → [DISPLAY_ACURAX_ICONS]