Internet Storm Center discusses an attack by the ‘GoldBrute’ botnet They found 1.5mil servers being used by the botnet. This means that a weakness in Microsoft (CVE-2019-0708) May 14 Customer Guidance page: Specifically: CVE-2019-0708 A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker […]
If there is no way to fix a vulnerability what do you do if you have a camera with a vulnerability? Here is the quote on Threatpost (from the engineer that found the flaw): “Over 2 million vulnerable devices have been identified on the internet, including those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO […]
Have you received an email saying your password has been stolen in broken English? Subject: “Security Notice. Someone have access to you system” As you may have noticed, I sent you an email from your account. This means that I have full access to your acc: On moment of crack (youremail@youremaildomain.com) password: jfwqu6qoizxahofj0qkw You say: […]
This could make many “thought safe” Wi-Fi routers not so Here is where paying attention to new attacks is important. hashcat.net has the information: This attack does not even need a full EAPOL 4-way handshake, EAPOL stands for Extensible Authentication Protocol(EAP) over LAN. A simple 4-way handshake is shown pictorially below (from hitchhikersguidetolearning.com) This means that […]
We as Cybersecurity practitioners must use the best tools we can find. So if AI(Artificial Intelligence) can help us we need to use them. Of course we have to use real AI tools, not old tools renamed “AI” to sell more software for a little bit of time. What is the definition of AI ? […]