New Facebook Messenger Scam Attack
I am including 3 possible Facebook(Meta) messenger scam attacks – also known as Social engineering attacks. Yes there are also Facebook Messenger attacks. What are they? what if somebody messages…
Another Phishing Attack Angle
Hackers have found ways to add notification code behind the website code. Thus if you say Allow in the notification window: then eventually a ‘bad’ notification comes up: Here…
Hackers Using New Attack (Not Just Ransomware)
Here is the story from scmagazine: MOVEit hackers may have found simpler business model beyond ransomware “The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular…
Windows11 — Upgrade Soon?
Windows10 arrived not that long ago… According to Microsoft’s site learn.microsoft.com 1507 was the first version and it had an initial release at 2015-07-29 so about 8 years ago it…
Has ChatGPT Already Crossed the Red Line?
OpenAI has breathlessly released the latest version (4.0) a few days ago. This version has plugins which will allow the program to connect with other programs to sort or otherwise…
Latest Microsoft Patch -How Important is it?
The Microsoft Security Response Center just released the following Microsoft Mitigates Outlook Elevation of Privilege Vulnerability Microsoft has developed a script to see if you are already infected by hackers: …
During War are we getting Attacked More?
I am talking about the Russian war against Ukraine which started on Feb 2022. Do you have 80 computes, more than a dozen? Then it should be obvious that they…
Hacked? Got insurance? No Payout!!
SCMagazine story on January 3rd. makes you think about the efficacy of cyber insurance. The problem is the government fines and some of the details in the contract language: “The…
2022 What Did we Learn in Cybersecurity?
49 posts on this blogsite oversitesentry in 2022 There were many different posts I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers…
Password Managers Hacked: Passwordstate and Lastpass
Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.…
How Can a Small Business Prepare for Cyber Disaster?
Let’s discuss what a cyber disaster is… a disaster in the cyber world would be losing the ability to run the apps and information that you want to run on…
Less Than 100 Employees: 3x More Likely Target
At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be…
Every month New Vulnerabilities and Patches/Fixes
A new Vulnerability which was a “Zero Day” vulnerability in a Windows Tool called MSDT (Microsoft Support Diagnostic Tool) according to Technewsworld.com story You can see the tool here in…
Cybersecurity Practitioners Must Get More Boring?
DanielMiessler.com website Unsupervised Learning has a post SEC vs Solar Winds Cybersecurity’s Enron moment. The problem is that Cybersecurity is still ‘magic’ to many people and it should…
How Fast to Disclose a Breach?
What are the rules (or regulations) that state how fast to disclose and where? SC Magazine has an article on the new rule by the SEC that says a public…
Phishing by Text Using Post Office Logo & Wording
I am receiving (just got another one) the following image text is the full size version: As you can see I got this text on Wednesday November 8th at 9:10…
Browser Update Scam Improved and Re-issued
KrebsonSecurity has a story from October 18th: “The Fake Browser Update Scam Gets a Makeover” Do you get a message saying you need to update your browser? Do you know…
SpyNote app can take over your Android Phone and Hide
There is an interesting post at f-secure blog: “Take A Note of SpyNote” Malware may install itself on your phone (if you allow it) and then it will ask you…