Discussion of public breaches of security
Unfortunately they can 1. Why Ransomware? because the ransomware attack software is out for everyone – it is easy to send attack emails to millions. 2. Most Attacks start with phishing emails. 3 Have you updated your systems? Also called patched your systems? every month Microsoft and other vendors release fixes to their software which … Read more
From Brian Krebs’ KrebsonSecurity website: On Jan. 19, the ICRC disclosed the compromise of servers hosting the personal information of more than 500,000 people receiving services from the Red Cross and Red Crescent Movement. The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people … Read more
Threatpost has the stories – “China Suspected of News Corp Cyberespionage Attack” media giant news Corp was attacked with BEC (the most likely method of attack) Business Email Compromise. Here is an excellent FBI explanation of BEC. In a BEC scam, criminals send an email message that appears to come from a known source making … Read more
Yes take a look at the latest CISA(Cybersecurity Infrastructure Security Agency) Infographic: Goto CISA webpage for fullsize infographic if you want. CISA is trying to convince you into creating segmentation in different pieces of your network. We need to go through this process to make sure you understand why this method is a good … Read more
Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote code execution (RCE) on any application that uses the open-source utility and affects … Read more
