Another Phishing Attack Angle
Hackers have found ways to add notification code behind the website code. Thus if you say Allow in the notification window: then eventually a ‘bad’ notification comes up: Here…
Hackers Using New Attack (Not Just Ransomware)
Here is the story from scmagazine: MOVEit hackers may have found simpler business model beyond ransomware “The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular…
Windows11 — Upgrade Soon?
Windows10 arrived not that long ago… According to Microsoft’s site learn.microsoft.com 1507 was the first version and it had an initial release at 2015-07-29 so about 8 years ago it…
Has ChatGPT Already Crossed the Red Line?
OpenAI has breathlessly released the latest version (4.0) a few days ago. This version has plugins which will allow the program to connect with other programs to sort or otherwise…
Latest Microsoft Patch -How Important is it?
The Microsoft Security Response Center just released the following Microsoft Mitigates Outlook Elevation of Privilege Vulnerability Microsoft has developed a script to see if you are already infected by hackers: …
During War are we getting Attacked More?
I am talking about the Russian war against Ukraine which started on Feb 2022. Do you have 80 computes, more than a dozen? Then it should be obvious that they…
Hacked? Got insurance? No Payout!!
SCMagazine story on January 3rd. makes you think about the efficacy of cyber insurance. The problem is the government fines and some of the details in the contract language: “The…
2022 What Did we Learn in Cybersecurity?
49 posts on this blogsite oversitesentry in 2022 There were many different posts I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers…
Password Managers Hacked: Passwordstate and Lastpass
Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.…
How Can a Small Business Prepare for Cyber Disaster?
Let’s discuss what a cyber disaster is… a disaster in the cyber world would be losing the ability to run the apps and information that you want to run on…
Less Than 100 Employees: 3x More Likely Target
At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be…
Every month New Vulnerabilities and Patches/Fixes
A new Vulnerability which was a “Zero Day” vulnerability in a Windows Tool called MSDT (Microsoft Support Diagnostic Tool) according to Technewsworld.com story You can see the tool here in…
Another OpenSSH RCE Vulnerability – i.e. Patch Now!
Linuxsecurity.com has the story RCE means Remote Code Execution which means that the attacker does not need an account to make a successful attack. This vulnerability is rated 9.8 out…
Fake Microsoft Ad Campaign Causes Ransomware Attacks
The SC Magazine has a story about this phenomenon: ‘Big Head’ malware threat looms, warn researchers: “In a report posted Friday, Trend Micro said while there was no evidence as…