As hackers become smarter, generate more and more effective attacks and users continue to work from almost anywhere, IT teams have to get smarter about effective endpoint security. This is going to take a layered approach. This includes moving towards zero-trust. Here are some recommendations. Signature and heuristic-based detection – this is what most traditional […]
Continue reading → [DISPLAY_ACURAX_ICONS]Senator Chris Van Hollen (Maryland) wrote a letter to Commerce Secretary Raimondo asking what she planned to do about this security vulnerability – the first we are hearing about it. Raimondo could ban the equipment, just like equipment made by Huawai and others. Chinese electronics maker Yealink is not a household word like Huawei, but […]
Continue reading → [DISPLAY_ACURAX_ICONS]Don’t Copy-Paste Commands from a Web Page – You can Get Hacked People often copy-paste data from a website into some other place like a command prompt or another browser window, but a researcher has demonstrated how a malicious website could change the data in the paste buffer, causing you to execute something that you […]
Continue reading → [DISPLAY_ACURAX_ICONS]Software released by Microsoft and other vendors is digitally signed so that users can validate that it really came from the vendor in question and that it has not been modified since the vendor created it. However, hackers have figured out how to bypass the security provided by Microsoft’s digital signature verification process, allowing them […]
Continue reading → [DISPLAY_ACURAX_ICONS]Today’s supply chain attack is interesting. I guess I can say that because it didn’t happen to a web site that I own and my information didn’t get stolen. Here is the situation. Many web sites have embedded videos on them. In this case, most of the sites affected were real estate web sites and […]
Continue reading → [DISPLAY_ACURAX_ICONS]W. Va. Hospital Breach Timeline – Way Too Long The Monongalia Health System was attacked recently and hackers had access to several email accounts, apparently belonging to contractors from May 10 to August 15 or about three months. It took them another 60 days to investigate. They are just not telling us about the breach […]
Continue reading → [DISPLAY_ACURAX_ICONS]