Our news
-
Cybersecurity Protects What’s Most Important (and it’s not Your Money)
Today, nearly every business operates in some form on the internet. With that understanding, every business is at risk of being targeted and victimized by sophisticated cyber-attacks. Common victims include vital information, secured systems/networks, and the integrity of said companies. However, there’s another affected party that may not be addressed enough; our children. Securing your business infrastructure from cybercriminals protects our…
-
Rickroll Grad Prank Exposes Exterity IPTV Bug
IPTV and IP video security is increasingly under scrutiny, even by high school kids.
-
Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities
Original release date: October 14, 2021 CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of…
-
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Original release date: October 14, 2021 Summary Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common…
-
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
-
FreakOut Botnet Turns DVRs Into Monero Cryptominers
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.
-
Mandating a Zero-Trust Approach for Software Supply Chains
Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
-
OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances
Cybercriminals exploited bugs in the world’s largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.
-
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
-
Microsoft Kills Bug Being Exploited in MysterySnail Espionage Campaign
Microsoft’s October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers.