Here is the info from Grok copied verbatim: (from a specific question regarding syncjacking) ————————————————————————————————— Browser sync features, such as those in Google Chrome, allow users to synchronize data like passwords, bookmarks, browsing history, and extensions across devices via a cloud account. However, this convenience can be exploited by malware and criminals to circumvent … Read more
There are some Docusign phishing attempts as catalogued here at Malwarebytes.com How can one really tell that it is not a legitimate Docusign instead of a fake site or fake email Looking at the true email address from section shows where the email is coming from (not the email name “from:” that you … Read more
What is Cybersecurity? Is it the way one uses and defends their data and systems? CISA the government agency (not my certifications Certified Information Systems Auditor by ISACA) … I know confusing right? https://www.cisa.gov/news-events/news/what-cybersecurity I like to show you the full link so you know where you are going(not like phishing scams). Cybersecurity is explained … Read more
If you got ransomware – now what? How can you recover and get back to normal? Here are some images of ransomware from older posts on this blog: Asking your favorite AI instance “After a confirmed ransomware attack what is a schedule to normality? I.e. step by step instructions to make sure no persistent … Read more
What is Clickjacking? “Porn sites are stuffing SVGs with clickjacking code to farm Facebook likes” refers to a specific type of cyberattack involving both SVG files and clickjacking techniques. Above image is from Malwarebytes post… if you notice (I did not make it a large image but it claims the images are porn images … Read more
As these FBI Images show and the text “2 DPRK Agents actively bilked almost a Million$”: Jin Sung-Il and Pak Jin-Song are wanted for their alleged involvement in a fraudulent scheme to obtain remote information technology (IT) work with U.S. companies that generated revenue for the Democratic People’s Republic of Korea (DPRK). It is alleged … Read more
As this story pointed out at the Register: “Enterprises neglect AI security – and attackers have noticed” The findings come from Big Blue’s Cost of a Data Breach Report 2025 report, which shows that AI-related exposures currently make up only a small proportion of the total, but these are anticipated to grow in line with … Read more
From the post at 0din.ai: Phishing With Gemini A new type of attack without links included in the email. Let’s say you received an email – has only text and looks like you should read and understand it, but you do not have the time… So what should you do read it later? Or … Read more
Out of a Record.media story where Google “Big Sleep” AI tool found a vulnerability that was not yet uncovered. The white paper referenced by Google discusses how to use AI agents in a hybrid defense in depth approach: Building on well-established principles of secure software and systems design, and in alignment with Google’s Secure AI … Read more
Livescience article below claims Hallucinations are a feature not a bug. AI LLM models and others, but let’s back up and set some descriptions: From this site Tolokai.ai Difference between AI, ML, LLM, and Generative AI Image above is from Devblogit AI is a broad topic and only a small … Read more
you.com AI responded with the following list of how people learn: Spatial Thinkers – Visualize relationships and mentally “map” information Experiential Learners – Learn by doing (trial, error, iteration) Sequential Thinkers – Prefer logical, step-by-step processes ️Visual Learners – Diagrams, color-coding, visuals Social Learners – Dialogue, feedback, collaboration Reflective Learners – Need time to process … Read more
First couple of paragraphs in Dark Reading story says it all: Both the Google Chrome and Mozilla Firefox browsers currently are under separate attacks, the former from actors exploiting a zero-day bug and the latter from a list of malicious extensions that are actively compromising users. Google rushed out a stable channel update on Monday … Read more
iank.org says they have serious flaws specifically the Loftie alarm clock This is apparently in the alarm clock file structure: $ strings config.arm64_v8a.apk … assets/icons/clock.svg _setClient@91206165 _TapStatusTrackerMixin@113288344 https://fwbek2lb0a213kbewqoit.byloftie.com/Loftie_EVT.bin # <——- get:digitMatcher ListTileThemeData get:endOfFrame _drawPicture@15065589 … If you notice the weird address in the file: fwbek2lb0a213kbewqoit.byloftie.com This kind of programming is not a good idea. her … Read more
What happens when you are confronted with ClickFix? i.e. (from a linkedinpost by Alex Zammit ) A site popped this “I’m not a Robot check”. The site injected a command to my clipboard and is trying to convince me to run it. 1) The first command asks me to open the Windows Run command box. … Read more
Yes I am assuming IoT devices from china are ‘cheap’. Look at this FBI IC3 headline: Home Internet Connected Devices Facilitate Criminal Activity probably important to know – what is the Botnet? “BADBOX 2.0 was discovered after the original BADBOX campaign was disrupted in 2024. BADBOX was identified in 2023, and primarily consisted of Android … Read more
In Cybersecurity we are programmed to prepare for the constant Internet attacks. But there are many aspects to these attacks, including what is considered a watering hole tactic. A watering hole tactic is where just like in the desert water is important , and in an oasis there is a watering hole. What does that … Read more
A dual message this memorial day 2025 Thanks for the service of all who fell for our country!!! Also do not download malware and thus do the work of the attacker??? Why would someone do that? Because the allure of a coupon or some perceived gain or Fear Of Missing Out (FOMO) Hackernews … Read more
The issue of What can be used for us will be used against us. I.e. We want to use the internet – it will be used to attack us. So we want to have email – it will be used against us. There are some technical configurations we can do to help prevent scam attacks. … Read more
Here are some standard emails that came into my mailbox that are obviously fake…. Also an older post(7/15/2024) discussed a tax refund scam… by text and email Here is text of email(italicized): Hi <insert-name>, Just wanted to check if you’ve submitted your tax refund claim yet? SETC and ERC are federal government programs … Read more
JDSupra among other ezines on the Internet have cataloged the Lewis & Clark College in Portland hack Basically in March 2023 the administrators or others at the college learned that there was unauthorized access of their computer systems. Today 2 years later a story came out in the 2600 magazine “the Hackers Quarterly” The article … Read more
How? With training and security policies. Create a security culture and train your employees with a Security Policy. Train the employees to ensure they understand the security policy Here is a page at Fixvirus.com that discusses how to start a security policy: Also at the US Chamber of Commerce Here is relevant text from Chamber … Read more
Quishing – the QR code that sends you to download bad stuff Let’s go back to what is a QR code from digital.gov? QR codes (or Quick Response codes) are two-dimensional codes that you can scan with a smartphone. The code contains information, usually a site address, and once you scan it, the … Read more
why discuss now? This is the FBI 5 Unit61398 From left, Chinese military officers Gu Chunhui, Huang Zhenyu, Sun Kailiang, Wang Dong, and Wen Xinyu indicted on cyber espionage charges. Above Wanted notices included to show this is not an aberration but a consistent policy by CCP. I have written about Chinese PLA (People’s … Read more
What would be the Top 3 items to consistently work on so that cybersecurity does not have to be worried about. (Main image above is the Cottage Health systems picture back when they had a security issue https://oversitesentry.com/health-records-breached-no-cyberinsurance-payout-why-stupidity/ May, 2015 post). I.e. if one works on these Top3 items then cybersecurity in general will be … Read more
With a Security Policy one can improve Cybersecurity and thus be proactive in keeping attacks to a risk managed level. We interrupt your boring cybersecurity NEWS ……Breaking news… The Moonwalk Malware Miracle April 1, 2025 In a bizarre twist of tech fate, a new strain of malware has swept across the internet, dubbed “RetroVirus-X.” … Read more
Yes it is better to learn a little more Cybersecurity or to “level up your knowledge” rather than the alternative. We have a typical business owner -1st: Has to figure out cybersecurity while keeping everything else up to speed (one has to make payroll after all). 2nd we may need to add a partner or … Read more
It is Friday and we are trying to find jokes in cybersecurity? or are we? We are selling these rabbit feet so that you will not get hacked* “Why don’t small business owners worry about cybersecurity? Because they’ve got a secret weapon: their grandma’s lucky rabbit foot! Rub it once, and hackers turn into confused … Read more
Hackernews has another story about exploited devices: Archer routers This router the Archer TP link “The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with The Hacker News.” As … Read more
Let’s discuss Psychology of Security and use humor instead of more cyber headlines to explain some aspects such as spending time and money before an event happens or other cybersecurity preventive actions. Do we have the Gambler’s mentality with our cybersecurity? The psychology of security is fascinating since there is a kernel of truth of … Read more
Searching in Grok for small business data on phishing stats “What is phishing attack statistics for small businesses” Grok searched 15 websites and came up with this: Phishing attacks are a significant threat to small businesses, often targeting them due to their potentially limited resources for cybersecurity. Based on the most recent data available to … Read more
2 interesting issues have been uncovered by cybersecurity researchers. Hackernews article: “New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass” Phishing campaigns have been observed sending payment receipt-related emails to entice recipients into opening bogus PDF documents containing QR code that, upon scanning, redirects them to Sneaky 2FA pages. The Phishing … Read more
Hackernews has the story “New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites” from last year, and this morning it is https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html. There are distinct similarities (WordPress Ecommerce and hackers try to steal CC #s online) It is an issue as the malware hides itself and can stay at the website to steal credit … Read more
There is a new “rulemaking” that is trying to get the process started for updated HIPAA regulations. At the federalregister.gov First we have to review as to how we got here: Regulatory History 1.1996 Congress enacted HIPAA (Health Insurance Public Accountability Act) 2. 1998 Security Rule Notice of Proposed Rulemaking 3. 2003 Final Rule 4. … Read more
Cybersecurity Focus Areas for Small Businesses in 2025 As we approach the new year, small businesses should prioritize their cybersecurity strategies to protect against evolving threats. Here are 10 essential items to work on for 2025: 1. Implement Strong Password Policies Establish robust password requirements for all employees. This includes using complex passwords and changing … Read more
These 2 Vulnerabilities on Zero-day vulnerabilities have possibility of causing much mayhem unless you have cybersecurity program in place to deal with updates or patches as quick as possible and other Intrusion Detection as well as anti-virus and more. Hacker News has the stories: RomCom Exploits Zero-day The Russia-aligned threat actor known as RomCom has … Read more
And what does it mean to Cybersecurity? As in the latest videos by Jason Huang the CEO of Nvidia where the Blackwell architecture and other pieces have been revealed with more detail: Blackwell is a very large GPU installation which has the capability of increasing computing power 4x every year. As the image explains Blackwell … Read more
We are obviously in trouble because there are large numbers of people with inadequate Cybersecurity habits. How many computers get hacked every year? I asked Claude AI: “How many computers or people get hacked every year in the USA?” According to statistics from the FBI and cybersecurity firms, hacking incidents affect millions of Americans annually, … Read more
I think you know the answer to that: United Nations Office on Drugs and Crime has found multiple areas in the world where there is a confluence of criminal gangs with drug trafficking sales, online gambling, and cyber-enabled attacks. And guess what these criminal gangs into drugs, online gambling, and cyberattacks are using to make … Read more
How IT Governance Enhances Cybersecurity IT governance plays a crucial role in strengthening cybersecurity within organizations by ensuring that cybersecurity strategies are aligned with overall business objectives and risk appetites. This alignment is essential for effectively managing cybersecurity risks and ensuring that security measures support the organization’s goals. (this IT governance explanation comes from a … Read more
Ivanti Legacy Cloud appliance has a bad vulnerability (remove/ upgrade ASAP) Scammers are posing as Apple care services in github and Google ads (Malware Bytes article)which are fake. Some windows systems were left dangerously unpatched for some time (krebsonsecurity article) Issue1: Unfortunately the obsolete Ivanti appliances must be replaced ASAP – as this is the … Read more
How do we make decisions? When we hire, or when we decide what website to read for more information. Is it important to know how we made these decisions or what the results were? Should a bank explain why they denied a loan? How about healthcare coverage? AI helps in this decision as well? Should … Read more
I found this article at Technewsworld : Experts Weigh In on Refusing or Paying After a Ransomware Attack So Ransomware happened… (let’s not worry how or why for now). Now what do you do? Contact your lawyer? Cyberinsurance? I supposed you do want to know how it happened to make sure you can at least remove … Read more
I am in cybersecurity field and every now and then I wonder aloud: “Are we doing enough to protect our computers and networks?” Since i have been using AI tools like you.com and gab.ai I asked both to see if they answered differently. “What are the key areas to audit in cybersecurity?” So the AI … Read more
Does the sun shine brightly? Yes. Remember the old adage, everything we use can be used against us… so of course attackers will use AI. So yes AI or artificial intelligence will be used by attackers to create better phishing campaigns and to translate any language to another. First of all we can assume misspelled … Read more
When an update is necessary (as it is every month) “Patch Tuesday” means Microsoft combines multiple necessary vulnerability updates into one convenient date (2nd Tuesday). For example July it was on the 9th. One of my favorite sites shows the significance of this almost every month: Krebsonsecurity July Edition. What can one do to prevent … Read more
What is the better password policy? A longer password like NIST 800-53 says? Key NIST password guidelines Minimum length of 8 characters and maximum length of at least 64 characters if chosen by the user. Allow usage of ASCII characters (including space) and Unicode characters. Check prospective passwords against a list that contains values … Read more
I got this email from Cathy Clarke… It claimed to be able to help me get a tax refund due to the SETC and ERC federal programs because of the pandemic Here is text of email: Hi <insert-name>, Just wanted to check if you’ve submitted your tax refund claim yet? SETC and ERC are … Read more
Yes it was Patch Tuesday July9th (yesterday). This means Krebsonsecurity had a post describing all the action: The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to increase their account privileges on a Windows machine. Although … Read more
Happy 4th of July: I always do a full backup on this day – so I have at least a few backups at July 4th and Christmas. I may backup other days, but make sure I do one today!!! Perform some stuff that you normally would not on this celebration, as well I am sure … Read more
As Hackernews has in its posts: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems RCE = Remote Code Execution , i.e. the hacker does not need an account on the system to get on the system. This happens to be an old vulnerability (as per AI response): The OpenSSH remote code … Read more
NIST (National Institute of Standards & Technology) has come up with an AI Framework – still a work in progress, but it is coming into shape with this 1.0 version. There are many aspects to discuss, but the most important are… The Core of the framework: “A Culture of Risk Management is cultivated and … Read more
What does GenAi and Cybersecurity have in common? SCMagazine has the story: Gartner Security Summit: “3 takeaways” “Generative AI (GenAI) has emerged as a game-changer in the cybersecurity industry, offering both opportunities and risks. Jeremy D’Hoinne, a research vice president for security operations and infrastructure protection at Gartner, addressed this topic in his presentation the … Read more
Every day and month in this new year (2024) the hackers of the criminal kind are working on new attacks to steal/take our resources and money. At SecureWorld yesterday there was a presentation by the secret service of some new phishing and other attacks, including a review of the Snowflake attacks. Although he did not … Read more
Another Article (SCMagazine) with more bugs that can cause cybersecurity incidents – WordPress Plugins WPMeta SEO, WPStatistics, and LiteSpeed Cache. So as usual – if you have these plugins, check your WordPress installation for updates as soon as you can. Hopefully the plugins have been fixed and then one can update, but if not WordPress … Read more
BianLian is a Face Changing Chinese Opera, but it also appliess to a ransomware group that changes it’s attacks up a bit. Palo Alto Unit42 has a report: Unit 42 researchers have been tracking the BianLian ransomware group, which has been in the top 10 of the most active groups based on leak site data … Read more
ArsTechnica has the story: “Unprecedented” Google Cloud event wipes out customer account and its backups The $135 billion pension account UniSuper (in Australia) which has 647,000 members thought it was being brought ‘up-to-date’ by moving it’s IT systems to the Google Cloud. Unfortunately this interesting post by CEO of UniSuper and GoogleCloud Head explains the … Read more
There is an indictment of a woman in Arizona (which made $6.8million) as a proxy between North Korean soldiers and unsuspecting numbers of people’s identities. From Justice.gov indictment form: According to a May 2022 advisory by the Department of State, the Department of the Treasury, and the Federal Bureau of Investigation, North Korea has … Read more
Yes Dell API(Application Programming Interface) was hacked to the tune of 49 million customer records. (BleepingComputer article) What does that mean? Fortunately the data did not have financial data, only the following: “This data breach contained customer order data, including warranty information, service tags, customer names, installed locations, customer numbers, and order numbers.” So … Read more
What is a Xiaomi device? It is a mobile phone made in China of course. At iide.co (a Colombia website) A digital marketing course does a SWOT(Strength Weakness Opportunities Threats) analysis for Xiaomi: “Xiaomi stands as a global technology giant of immense stature, securing a noteworthy position as the fourth-largest player in the electronic manufacturing … Read more
Yes it is May 1st today – so I was wondering is Cybersecurity still a thing? Tip1 A good cybersecurity tip for May first is to update and strengthen your passwords. Regularly changing passwords and using strong, unique passwords for each account can significantly enhance your online security. Consider using a password manager to generate … Read more
A survey by Pentera in a Hacker News Story says 51% of respondents said they were hacked. What does a statistic like that mean to you? Are you tired of seeing stats like that? Since you have not been hacked yet, does it matter to you? Volkswagen breach is discussed in Cybernews story(went on for … Read more
BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets … Read more
Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,”ChatGPT Next Web” pulls up 7500+ exposed instances, mostly in China … Read more
Yes you must renew your membership says the email… Did I remember to pay it?? I thought it is on auto-renew?? Anyway This is what it looked like on my phone: So I clicked on the update information(gently so as not to double click on phone) and copied and pasted the link. I then pasted … Read more
Is there anything that we can do that will completely stop all phishing attacks? Short answer is no. We can reduce them by trying to get ourselves off different lists, but the hackers and nation-states are always changing their methods, and ultimately the “attacker” whether it is a local script kiddie(new hacker learning stuff), a … Read more
Microsoft Typhoon story: “Living off the Land” The story starts: ‘The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering’ The Chinese attacked and stole state department employee email, in this Politico story about the Chinese hack: “Among the most sensitive information stolen, … Read more
Because it is an election year and because the sun is coming up over the horizon the latest FBI director is testifying in Washington to say China could (was and is) attack(ing) us using cyber. “FBI director Christopher Wray testifies on China’s growing cyber threat against U.S. — 1/31/24 (CNBC Youtube video)“ Christopher Wray, FBI … Read more
How should I know? All I do know is that there will be a lot of changes happening faster and faster. The above image is from a previous post that discussed “spam AI” a little. Imagine a new world where you can ask a computer a question and it will answer by reviewing and looking … Read more
Hackers have found ways to add notification code behind the website code. Thus if you say Allow in the notification window: then eventually a ‘bad’ notification comes up: Here is an example of ‘bad’ or hacker initiated notifications: Here is where cybernews.com had the story and the investigation by cybernews showed the details … Read more
Here is the story from scmagazine: MOVEit hackers may have found simpler business model beyond ransomware “The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular MOVEit file transfer program and stole data from a growing number of victims, exposing the personal information of many millions of people worldwide.” What … Read more
Windows10 arrived not that long ago… According to Microsoft’s site learn.microsoft.com 1507 was the first version and it had an initial release at 2015-07-29 so about 8 years ago it was released, and now the last version 22H2 will have a last service date of 2025, Oct 14th 22H2 General Availability Channel 2022-10-18 2023-05-23 19045.3031 … Read more
OpenAI has breathlessly released the latest version (4.0) a few days ago. This version has plugins which will allow the program to connect with other programs to sort or otherwise use the other programs as per analyticsindiamag.com Including Expedia, Wolfram, Zapier, Speak, Fiscal Note, kayak, Instacart, Opentable, Klarna Shopping, Shop, Milo family AI, Retrieval, and … Read more
I am talking about the Russian war against Ukraine which started on Feb 2022. Do you have 80 computes, more than a dozen? Then it should be obvious that they all need to be standardized and if standardized and wrong they will all get hacked. So paying attention to details in your environment pays dividends. … Read more
SCMagazine story on January 3rd. makes you think about the efficacy of cyber insurance. The problem is the government fines and some of the details in the contract language: “The attorneys general of Utah and Oregon reached a $200,000 settlement with Avalon Health, which also requires the provider to develop and implement practices that aim … Read more
49 posts on this blogsite oversitesentry in 2022 There were many different posts I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers are Ruthless: Attack Red Cross/ Red Crescent 500k stolen China Attacking News sites now & CISA agency declares patch APC UPS(Power Supplies) 3 Critical vulnerabilities. … Read more
Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website. “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more
Let’s discuss what a cyber disaster is… a disaster in the cyber world would be losing the ability to run the apps and information that you want to run on a day-to-day basis. How can that happen? One way is the hardware or software to fail, this is what is called a regular day where … Read more
At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be the target of a cyberattack — yet, often lack sufficient cybersecurity measures and resources to manage their risk,” said Shena Seneca Tharnish, VP for cybersecurity … Read more
A new Vulnerability which was a “Zero Day” vulnerability in a Windows Tool called MSDT (Microsoft Support Diagnostic Tool) according to Technewsworld.com story You can see the tool here in the following image: (after typing msdt in the Run or task search bar for Windows`10 operating system.) As I have discussed before – in … Read more