Governance and Update Policies

When an update is necessary (as it is every month), “Patch Tuesday” means Microsoft combines multiple necessary vulnerability updates into one convenient date (the 2nd Tuesday). For example, in July it was on the 9th. One of my favorite sites shows the significance of this almost every month: Krebsonsecurity July Edition. What can one do to prevent … Read more

Better password policy: Complex? or longer passwords?

What is the better password policy? A longer password like NIST 800-53 says? Key NIST password guidelines: Minimum length of 8 characters and maximum length of at least 64 characters if chosen by the user. Allow usage of ASCII characters (including space) and Unicode characters. Check prospective passwords against a list that contains values … Read more

Fake Email? or Phishing Email?

I got this email from Cathy Clarke… It claimed to be able to help me get a tax refund due to the SETC and ERC federal programs because of the pandemic. Here is the text of the email: Hi <insert-name>, Just wanted to check if you’ve submitted your tax refund claim yet? SETC and ERC are … Read more

Patch Tuesday: Zero-day Vulnerability Fixes

Yes, it was Patch Tuesday July 9th (yesterday). This means Krebsonsecurity had a post describing all the action: The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to increase their account privileges on a Windows machine. Although … Read more

Risk Management AI Framework by NIST

NIST (National Institute of Standards & Technology) has come up with an AI Framework – still a work in progress, but it is coming into shape with this 1.0 version. There are many aspects to discuss, but the most important are… The Core of the framework: “A Culture of Risk Management is cultivated and … Read more

GenAI and Cybersecurity

What do GenAI and cybersecurity have in common? SCMagazine has the story: Gartner Security Summit: “3 takeaways” “Generative AI (GenAI) has emerged as a game-changer in the cybersecurity industry, offering both opportunities and risks. Jeremy D’Hoinne, a research vice president for security operations and infrastructure protection at Gartner, addressed this topic in his presentation the … Read more

What Are Some New Phishing Attacks?

Every day and month in this new year (2024) the hackers of the criminal kind are working on new attacks to steal/take our resources and money. At SecureWorld yesterday there was a presentation by the Secret Service of some new phishing and other attacks, including a review of the Snowflake attacks. Although he did not … Read more

3 WordPress Plugins Have Bugs & Cause Cyber Incidents?

Another article (SCMagazine) with more bugs that can cause cybersecurity incidents – WordPress plugins WPMeta SEO, WPStatistics, and LiteSpeed Cache. So as usual – if you have these plugins, check your WordPress installation for updates as soon as you can. Hopefully the plugins have been fixed and then one can update, but if not WordPress … Read more

BianLian is Changing Ransomware Group

BianLian is a face-changing Chinese opera, but it also applies to a ransomware group that changes its attacks up a bit. Palo Alto Unit42 has a report: Unit 42 researchers have been tracking the BianLian ransomware group, which has been in the top 10 of the most active groups based on leak site data … Read more

You Moved Your Stuff to the “Cloud”, What Could Go Wrong?

ArsTechnica has the story: “Unprecedented” Google Cloud event wipes out customer account and its backups. The $135 billion pension account UniSuper (in Australia), which has 647,000 members, thought it was being brought ‘up-to-date’ by moving its IT systems to the Google Cloud. Unfortunately this interesting post by CEO of UniSuper and GoogleCloud Head explains the … Read more

Need a remote work Programmer? Watch out for North Koreans looking for work

There is an indictment of a woman in Arizona (who made $6.8 million) as a proxy between North Korean soldiers and unsuspecting numbers of people’s identities. From the Justice.gov indictment form: According to a May 2022 advisory by the Department of State, the Department of the Treasury, and the Federal Bureau of Investigation, North Korea has … Read more

Meaning of 49million Dell Information Hacked

Yes, the Dell API (Application Programming Interface) was hacked to the tune of 49 million customer records. (BleepingComputer article) What does that mean? Fortunately the data did not have financial data, only the following: “This data breach contained customer order data, including warranty information, service tags, customer names, installed locations, customer numbers, and order numbers.” So … Read more

Xiaomi Devices Have Cybersecurity Event

What is a Xiaomi device? It is a mobile phone made in China of course. At iide.co (a Colombia website) a digital marketing course does a SWOT (Strength Weakness Opportunities Threats) analysis for Xiaomi: “Xiaomi stands as a global technology giant of immense stature, securing a noteworthy position as the fourth-largest player in the electronic manufacturing … Read more

May 1st – Happy New Month – Cybersecurity Important?

Yes, it is May 1st today – so I was wondering, is cybersecurity still a thing? Tip 1: A good cybersecurity tip for May first is to update and strengthen your passwords. Regularly changing passwords and using strong, unique passwords for each account can significantly enhance your online security. Consider using a password manager to generate … Read more

51% of Survey Respondents Hacked- Means What?

A survey by Pentera in a Hacker News story says 51% of respondents said they were hacked. What does a statistic like that mean to you? Are you tired of seeing stats like that? Since you have not been hacked yet, does it matter to you? Volkswagen breach is discussed in Cybernews story (went on for … Read more

Thousands WordPress Sites Hacked

BleepingComputer has the story: WordPress sites have been hacked, and then when you visit the site the following image comes up and asks you to click a button, which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets … Read more

My AI Chatbot Got Hacked Now What?

Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,”ChatGPT Next Web” pulls up 7500+ exposed instances, mostly in China … Read more

Can We Stop Phishing Attacks?

Is there anything that we can do that will completely stop all phishing attacks? Short answer is no. We can reduce them by trying to get ourselves off different lists, but the hackers and nation-states are always changing their methods, and ultimately the “attacker”, whether it is a local script kiddie (new hacker learning stuff), a … Read more

Chinese Cyberattacks: What Are They in 2024?

Microsoft Typhoon story: “Living off the Land” The story starts: ‘The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering’ The Chinese attacked and stole state department employee email, in this Politico story about the Chinese hack: “Among the most sensitive information stolen, … Read more

Will China Use Cyber Attacks in 2024?

Because it is an election year and because the sun is coming up over the horizon, the latest FBI director is testifying in Washington to say China could (was and is) attack(ing) us using cyber. “FBI director Christopher Wray testifies on China’s growing cyber threat against U.S. — 1/31/24 (CNBC Youtube video)” Christopher Wray, FBI … Read more

Another Phishing Attack Angle

Hackers have found ways to add notification code behind the website code. Thus, if you say Allow in the notification window, then eventually a ‘bad’ notification comes up. Here is an example of ‘bad’ or hacker-initiated notifications: Here is where cybernews.com had the story and the investigation by cybernews showed the details … Read more

Hackers Using New Attack (Not Just Ransomware)

Here is the story from scmagazine: MOVEit hackers may have found simpler business model beyond ransomware “The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular MOVEit file transfer program and stole data from a growing number of victims, exposing the personal information of many millions of people worldwide.” What … Read more

Windows11 — Upgrade Soon?

Windows10 arrived not that long ago… According to Microsoft’s site learn.microsoft.com, 1507 was the first version and it had an initial release on 2015-07-29, so about 8 years ago it was released, and now the last version, 22H2, will have a last service date of 2025, Oct 14th. 22H2 General Availability Channel 2022-10-18 2023-05-23 19045.3031 … Read more

Has ChatGPT Already Crossed the Red Line?

OpenAI has breathlessly released the latest version (4.0) a few days ago. This version has plugins which will allow the program to connect with other programs to sort or otherwise use the other programs, as per analyticsindiamag.com, including Expedia, Wolfram, Zapier, Speak, Fiscal Note, kayak, Instacart, Opentable, Klarna Shopping, Shop, Milo family AI, Retrieval, and … Read more

During War are we getting Attacked More?

I am talking about the Russian war against Ukraine, which started in Feb 2022. Do you have 80 computers, more than a dozen? Then it should be obvious that they all need to be standardized, and if standardized and wrong they will all get hacked. So paying attention to details in your environment pays dividends. … Read more

Hacked? Got insurance? No Payout!!

The SCMagazine story on January 3rd makes you think about the efficacy of cyber insurance. The problem is the government fines and some of the details in the contract language: “The attorneys general of Utah and Oregon reached a $200,000 settlement with Avalon Health, which also requires the provider to develop and implement practices that aim … Read more

2022 What Did we Learn in Cybersecurity?

49 posts on this blogsite oversitesentry in 2022. There were many different posts; I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers are Ruthless: Attack Red Cross/ Red Crescent 500k stolen China Attacking News sites now & CISA agency declares patch APC UPS (Power Supplies) 3 Critical vulnerabilities. … Read more

Password Managers Hacked: Passwordstate and Lastpass

The Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics: the Passwordstate issue is discussed on the PortSwigger website. “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more

Less Than 100 Employees: 3x More Likely Target

At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be the target of a cyberattack — yet, often lack sufficient cybersecurity measures and resources to manage their risk,” said Shena Seneca Tharnish, VP for cybersecurity … Read more

Every month New Vulnerabilities and Patches/Fixes

A new vulnerability, which was a “Zero Day” vulnerability in a Windows tool called MSDT (Microsoft Support Diagnostic Tool), according to a Technewsworld.com story. You can see the tool in the following image (after typing msdt in the Run or task search bar for the Windows 10 operating system). As I have discussed before – in … Read more