Latest Microsoft Patch -How Important is it?

The Microsoft Security Response Center just released the following Microsoft Mitigates Outlook Elevation of Privilege Vulnerability Microsoft has developed a script to see if you are already infected by hackers:  https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/ The script can run on Exchange server or on Azure based mailboxes(AzureEnvironmentName, AzureADEndpoint, EWSOnlineURL, and EWSOnlineScope can be left as default). This is a … Read more

Twitter Site Claims to Know Ransomware Targets

Someone set up a twitter bot that knows which companies get ransomware(it claims):   For example I picked out  Wyckoff Heating and Cooling(2023 – 3-11), Maximum Industries Inc(2023 – 3-13), and Management Excellence(2023 – 3-11). I am always on the lookout for Threat research possibilities (finding out what the adversary is doing). In all 3 … Read more

Will Attackers Use AI to Attack Us?

Short answer to this question is Yes!  Bruce Schneier(a fellow at the Berkman center for Internet and Society at Harvard University) said this in his paper of April 2021: The Coming of AI Hackers “One, AI systems will be used to hack us. And two, AI systems will themselves become hackers: finding vulnerabilities in all … Read more

AI Used in Phishing attacks: BEC Business Email Compromise

What  do you read when you read the following: “BEC groups launch executive impersonation attacks in at least 13 languages” Specifically this is interesting: “These attacks demonstrate that BEC is a global issue and not just an English-only phenomenon,” said Crane Hassold, director of threat intelligence at Abnormal Security. “Our findings also show how cybercriminals … Read more

Another Problem In Cybersecurity: Too much work–> Burnout

Why is burnout important?  If we are dependent on IT personnel to perform actions on a timely basis even when off-hours work must be done. And then expect them to come to work on time, we are inadvertently stressing personnel . I know every job may have stressors, but the cybersecurity field creates some unique … Read more