Nothing bad could possibly happen to your company's network if the only piece of information the hackers have is your fax number, right? Unfortunately not, according to recent research by employees at Check Point. They recently revealed details about not one, but two different REC's (Remote Code Execution) techniques that exploit flaws in the communications protocols of tens of millions of fax machines spread all over the globe. If you think the Fax machine has largely gone the way of … Read more
Cortana May Have Flaw Allowing Unauthorized System Access
Researchers at McAfee have demonstrated a method that hackers could use to perform an end-run around Cortana and access data, run malicious code, or even change a locked computer's password. In this case, however, the emphasis is on the word "could." The researchers readily admit that this attack is high risk, has never been seen in the wild, and has little possibility of going undetected for a variety of reasons. Even so, the research is disturbing and does point to a valid weakness that … Read more
Survey Shows People Are Most Concerned About Data Theft
How seriously does the average consumer take data theft? It's an interesting (and fair) question, and one that Radware recently attempted to answer when the company sent out surveys. They contacted more than three thousand people to conduct its recent survey titled "Consumer Sentiments: Cybersecurity, Personal Data and the Impact on Customer Loyalty." As it turns out, today's consumers take the matter even more seriously than many other types of crimes. Here are some of the highlights … Read more
PGA Golf Organization Gets Hit By Ransomware
These days, we expect giant corporations, government agencies and medical facilities to be the targets of hackers. However, golf is something new. According to a recent report from GolfWeek, the PGA's offices have been hacked and infected with what appears to be the "BitPaymer" ransomware. That's the same strain that recently hit the town of Matanuska-Susitna, in Alaska, forcing city officials to resort to the use of typewriters for a week until they got their system back. The interesting … Read more
Reddit Users Advised To Reset Their Passwords
If you're a Reddit user, it's time to change your password. According to the company, they recently discovered evidence of a hack that exposed all company data from the site's launch (2005) to 2007, including user emails and account credentials. The company also reported that all public messages from that time period were downloaded, as well as an unknown number of private conversations. In addition to that, the hacker was apparently able to access the logs containing the email digests … Read more
Click Rates For Spam Emails Are Increasing
F-Secure recently published a new report, and their findings are disturbing. The click rates on spam emails increased to 14.2 percent for the second half of 2017, up from 13.4 percent reported in the first half of 2017. The increase seems to be driven by two factors. First, more intense targeting of smartphone users, who are typically more distracted and not paying as much attention when opening and reading emails. Second, a slight increase in sophistication. For instance, an email … Read more
New Scam Targets Apple Users
There's a new, surprisingly elaborate phishing scam targeting iPhone users. The scam starts with an email informing users that their phones have been locked due to "illegal activity" and instructing them to call "Apple Care" to get the problem fixed. Of course, there is no such company as Apple Care, but it's an official enough sounding name that it's luring a surprising percentage of victims into calling. In fact, opening the email will open a call dialog box, making connecting to "help" a … Read more
Connecting To Aiport Wi-Fi Puts Your Data At Risk
File this away under things you already knew. Coronet recently released a report entitled "Attention All Passengers: Airport Networks Are Putting Your Devices & Cloud Apps At Severe Risk," and the news is about what you'd expect. The report was more than five months in the making. The analysts poured over oceans of data on device vulnerabilities and Wi-Fi network risks from more than a quarter of a million consumer and corporate endpoints that passed through the 45 busiest airports in … Read more
E-Mail Is A Big Threat To Your Organization
Mimecast's 2018 "State of Email Security" report is out, and although it's contents are hardly a surprise, the news it contains is mostly bad. For starters, it confirms what most IT professionals already know: Email continues to be a big threat for organizations of all sizes. Unfortunately, the C-Suite (CEO's, CIO's, CFO's, and the like) are a major part of the problem, representing a significant weak link in Enterprise security. Not only are they a prime target for hackers, but … Read more
Chrome Now Shows Sites Without SSL as Not Secure
There is a small but significant change from Google, with the release of Chrome 68. The updated browser will now prominently notify browsers when they surf their way to non-HTTPS websites, displaying them as "Not Secure." This is Google's latest step in a long campaign to try and make the web a safer and more secure place for internet users around the world. If you're not especially tech-savvy, here's why it matters: Anything sent over a non-HTTPS connection is in plain text, including … Read more
