Category: Security
Worldwide popularity of GDPR on the rise
The first anniversary of a move by the European Union to impose a General Data Protection Rule (GDPR) arrives at the end of this week. GDPR was enacted to protect the digital rights of anyone doing business with a company...
Cybersecurity Threat Advisory: HIDDEN COBRA – FASTCash Campaign
What is the Issue? The FBI – in partnership with U.S. government partners, DHS, and Treasury – identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme –...
Cybersecurity Threat Advisory: Access-Token-Harvesting Attack Affects Facebook
What is the Issue? Many applications typically require an email verification step to authenticate identity before logging the user in. If a person signs up for any app using Facebook Login, an account is created for them, and the authentication...
Cybersecurity Threat Advisory: Newegg Data Breach Left Customer Credit Cards Exposed
What is the Issue? The online retailer Newegg confirmed on Wednesday that credit card information from customers had been stolen using a sophisticated attack. Hackers injected 15 lines of card skimming code on the online retailer’s payments page; the code...
Cybersecurity Threat Advisory: Data Theft Risks from “Cold Boot Attack” Variation
What is the Issue? Researchers have discovered that a new exploit built on the foundations of the cold boot attack leaves nearly all laptops and desktops; both Windows and Mac users vulnerable. Attackers can meddle with a computer’s firmware to...
Latest Intel chip vulnerabilities represent a major challenge for MSPs
Remember the news about the Intel Meltdown and Spectre chip vulnerabilities that emerged last year? Remember all the panic and the patches? Well, get ready because you’re about to go through all of that again with the latest Intel chip vulnerability....
Time to appreciate the thin line of cybersecurity defense maintained by MSPs
One of the toughest, and often thankless, roles in all of IT is that of the managed security services provider (MSSP). Most MSSPs know cyberattacks tend to come in waves. Cybercriminals like to mix up their attack vectors to avoid...
Cybersecurity Threat Advisory: Infection on E-commerce Platform Magento
What is the Issue? Security researchers have discovered that a massive hacking campaign is targeting the ecommerce platform Magento. Hackers are infecting stores that use the platform with a skimmer script in the source code, dubbed MagentoCore that siphon’s payment...
Cybersecurity Threat Advisory: Qualcomm’s Medical Gateway Critical Vulnerability
What is the Issue? Recently, an undocumented vulnerability in the Qualcomm Life’s Capsule Datacaptor Terminal Server (DTS) medical device gateway was found to be exposed to the “misfortune Cookie” vulnerability CVE-2014-9222. This opens the possibility for remote attackers to gain...
Catch hackers with a honeypot in your security service
I once visited an Amish farm where green plastic 2-liter 7-Up bottles dangled from the lower branches of the fruit trees. The bottles were filled about halfway with some sort of liquid. Upon closer inspection, I could see a banana peel...
