Happy 4th of July !!! Remember to do your full backups at this time . If you cant do it on a regular basis (weekly or monthly) at least do some 2z a year. In July and December for example. The only way is to have backups, update your systems, anti-virus software. and … Read more
What if you have software with a vulnerability that will not be patched? What does this mean? RCE means Remote Code Execution which means the attacker does not have to be on the system to exploit it (this is the most dangerous attack). If you are running Horde webmail to check your email – … Read more
Remember the Exchange server hack from a year ago (post from 3/16/21)? “Exchange Server Attacks Just Beginning?” “Attacks exploiting the flaws were first spotted in January. They initially were limited and targeted, seemingly for espionage: the adversaries primarily targeted specific email accounts. Microsoft attributed the activity to a group it calls Hafnium, believed to operate … Read more
As a Malwarebytes blogpost states, here are 5 reasons why fileless malware is used by attackers: The most common use cases for fileless malware are: Initial access. The first step of a cyberattack is to gain a foothold on a system. This can be stealing credentials or exploiting a vulnerability in an access point. Harvest … Read more
is everything fixed now about 4 months after the vulnerability was disclosed (and discussed here December 13,2021) So on this day in March (the 4th) Threatpost has a story from a few days ago: Millions of Java Apps Remain Vulnerable to Log4Shell (a Log4J vulnerability) The main sentences in the story are the following: “Researchers … Read more
