Happy New Year. May 2021 be more sane than 2020. Microsoft Says Goal of Solar Winds Attack Was Your Cloud Data Microsoft says that the objective of the Solar Winds Hackers was to get into a number of organizations and then pick and choose which ones to attack, leaving the back door in place at […]
Continue reading → [DISPLAY_ACURAX_ICONS]Remember That Vague Client Alert Earlier This Week? For those of you who are clients, you received an out of cycle client alert on Tuesday (they usually come out on Wednesday) providing a copy of the Homeland Security Alert on the Sodinokibi ransomware going after Managed Service Providers or MSPs. It now appears that the […]
Continue reading → [DISPLAY_ACURAX_ICONS]Google has a interesting strategy. Build prototypes of products. Show them or leak them. See if anyone cares. Kill them if it doesn’t work out – there are lots of examples. After many users are already using them. One other thing that they do is attempt to lock users into the Google ecosystem. Of course. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft has been, ever since Windows 10 was released, on a race to collect more and more data on how you as a user do things. While users have complained, Microsoft remained steadfast and not only did not change its habits, but also remained pretty quiet as to what data they were collecting. Then the […]
Continue reading → [DISPLAY_ACURAX_ICONS]A few short items today. First, Lastpass, one of the two password managers that I like (the other is Keepass) has been hit with three different security bugs in the last couple of weeks. This is due to the fact that Google Project Zero security researcher Tavis Ormandy has put Lastpass in his sights. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft released an out of band patch today for all supported versions of Windows. The patch fixes a privately reported bug in the Kerberos Key Distribution Center (KDC) protoccol. If unpatched, it would allow an unauthorized user to execute an elevation of privilege attack. “The problem stems from a failure to properly validate cryptographic signatures which […]
Continue reading → [DISPLAY_ACURAX_ICONS]