The Exchange server hack keeps on going: https://www.technewsworld.com/story/87095.html : (April 13 story) Fortune 500s Hit by MS Exchange Breach Maybe still unaware. Although this article lists a lot of Fortune 500 companies with large budgets, they seem to have missed the Microsoft Exchange Server vulnerability fix. Probably the reason is that this specific problem was … Read more
Wait a second … I thought that MFA (Multi-Factor Authentication) was set up to prevent some attacks? The Googleblog post from a couple of years ago: Security Google blog had some data that proved the efficacy of MFA in this image: So MFA (or 2FA Two Factor Authentication) does prevent a number of potential attacks. … Read more
Should Cybersecurity have some attention if you have not been hacked before? Does your business really need more Cybersecurity awareness? I.e. So What… Cybersecurity!!! Is this what you are thinking? That does not matter to me ? I guess if this is your default thinking after every new headline of Breaches and attacks… For example … Read more
Internet Storm Center discusses an attack by the ‘GoldBrute’ botnet They found 1.5mil servers being used by the botnet. This means that a weakness in Microsoft (CVE-2019-0708) May 14 Customer Guidance page: Specifically: CVE-2019-0708 A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker … Read more
If there is no way to fix a vulnerability what do you do if you have a camera with a vulnerability? Here is the quote on Threatpost (from the engineer that found the flaw): “Over 2 million vulnerable devices have been identified on the internet, including those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO … Read more
