As times change and as a function of the pandemic response, governments are trying to deliver more services online. Unfortunately, governments rarely get to hire the best or the brightest software developers or security architects because they cannot match what the private sector can offer. Auth0 recently released the findings of its Public Sector Identity […]
Continue reading → [DISPLAY_ACURAX_ICONS]Hackers Sending Malware Filled USB Sticks in the Mail Old, tried and true techniques continue to work as hackers have been sending malware-filled USB sticks in the mail and UPS to defense, transportation and insurance companies, hoping someone did not do their security awareness training and plugs the drive into their computer. It just shows […]
Continue reading → [DISPLAY_ACURAX_ICONS]As hackers become smarter, generate more and more effective attacks and users continue to work from almost anywhere, IT teams have to get smarter about effective endpoint security. This is going to take a layered approach. This includes moving towards zero-trust. Here are some recommendations. Signature and heuristic-based detection – this is what most traditional […]
Continue reading → [DISPLAY_ACURAX_ICONS]Senator Chris Van Hollen (Maryland) wrote a letter to Commerce Secretary Raimondo asking what she planned to do about this security vulnerability – the first we are hearing about it. Raimondo could ban the equipment, just like equipment made by Huawai and others. Chinese electronics maker Yealink is not a household word like Huawei, but […]
Continue reading → [DISPLAY_ACURAX_ICONS]Don’t Copy-Paste Commands from a Web Page – You can Get Hacked People often copy-paste data from a website into some other place like a command prompt or another browser window, but a researcher has demonstrated how a malicious website could change the data in the paste buffer, causing you to execute something that you […]
Continue reading → [DISPLAY_ACURAX_ICONS]Software released by Microsoft and other vendors is digitally signed so that users can validate that it really came from the vendor in question and that it has not been modified since the vendor created it. However, hackers have figured out how to bypass the security provided by Microsoft’s digital signature verification process, allowing them […]
Continue reading → [DISPLAY_ACURAX_ICONS]