Category: Security
Cybersecurity Threat Advisory: Windows Desktop Shortcut Hijack
What is the Issue: Security researchers have discovered a new attack technique utilizing Microsoft Word, macros and your desktop shortcuts. Utilizing a malicious macro embedded within a Word document, desktop shortcuts are modified to download malware when you click on...
Cybersecurity Threat Advisory: Unprotected Marketing Database Exposes PII
What is the Issue? On June 27th, an unprotected database belonging to a marketing firm containing 340 million records exposed to the internet was discovered. The database was found by an independent research firm. Why is this noteworthy? The unprotected...
Cybersecurity Threat Advisory: Necurs Malware Bypassing Conventional Detection Methods
What is the Issue? It has been discovered by Trend Micro that the Necurs malware, which was previously revealed as an internet shortcut, has now been found under the veil of the internet query file. These files innocently and typically...
Cybersecurity Threat Advisory: Mylobot Malware Brings New Sophistication to Botnets
What is the Issue? Researchers have discovered a New Windows malware whose origin traces back to the ‘Dark Web.’ The malware, dubbed Mylobot, pulls together a variety of strategies and techniques to gain a foothold on its targets and remain...
Wipro breach and how MSPs can avoid the same fate
Wipro, one of India’s largest and most successful MSPs, recently fell victim to a hack that was accomplished via a phishing campaign. After gaining entry to Wipro’s network “for some time,” the hackers were able to launch cyber attacks against...
Human vulnerability is the biggest cybersecurity threat
The culture of cybersecurity has been training its weapons in the wrong direction, according to Dr. Arun Vishwanath, the chief technologist at Avant Research Group and a former professor at the University at Buffalo. While ransomware, spearphishers, and general hackers...
Cybersecurity Threat Advisory: MacOS Bypass Flaw Lets Attackers Sign Malicious Code as Apple
What is the Issue: Due to a flaw in Apple’s code-signing API, hackers have been able to manipulate the code-signing process to enter malicious code into MacOS systems. Third-party security tools were unable to detect the issue as the malicious...
Cybersecurity Threat Advisory: Adobe Flash Zero Day Patch
What is the Issue: Adobe has recently released an emergency patch for a Flash Zero-Day vulnerability, that when exploited properly can allow an attacker to execute arbitrary code, and enable information disclosure. Most current web browsers block Adobe Flash all...
Cybersecurity Threat Advisory Google Chrome Content Security Policy
What is the Issue? Chrome’s security team described the issue as the web browser’s incorrect handling of CSP headers (CVE-2018-6148). They noted on their blog – “Access to bug details and links may be kept restricted until a majority of...
MSPs can harvest new business on the farm
When most people think of farming, they think of milking cows, hearty farmhouse breakfasts, fresh eggs, and rows of carefully cultivated crops. In reality, farming is a mix of everything, from no-tech operations to sprawling factory farms. Moreover, in almost...
