Discussion of public breaches of security
This is a snowball rolling down the hill – the latest Dark Reading story discusses the latest thinking: “Attacks exploiting the flaws were first spotted in January. They initially were limited and targeted, seemingly for espionage: the adversaries primarily targeted specific email accounts. Microsoft attributed the activity to a group it calls Hafnium, believed to … Read more
30,000 organizations including small businesses, towns and local governments with an exchange server, i.e. anyone who runs their own exchange server was susceptible to getting hacked. Krebs on Security blogpost. Also we have the following story: White House cites ‘active threat,’ urges action despite Microsoft patch The problem may be that if one was attacked … Read more
FireEye Blogpost last week about phishing emails using the iCEDID phishing infection has an interesting image explaining this concept: This is a sophisticated phishing setup and thus it behooves us to review this carefully. If you notice the initial phishing email when opened has several embedded items as well as a password structure so that … Read more
Threatpost has the story Microsoft pulls bad Windows Update After Patch Tuesday headaches . Patch Tuesday this month (February) was the second Tuesday of the month so it was the Feb 9th. Today the 17th is a week later and apparently this story is from yesterday(16th). There were some problems with a service pack update. … Read more
Threatpost has the story in Utah legislation work. Let’s explain some catfishing: “The practice of catfishing often occurs in online dating or social-networking scenarios in which someone takes someone else’s personally identifiable information–such as photos, addresses, educational history or professions–to pretend to be that person to seem more attractive or interesting to people they … Read more
