Category Archives: Uncategorized

Dark Web

The Dark Web is a network of systems connected to the Internet designed to share information securely and anonymously. These capabilities are abused by cyber criminals to enable their activities, for example selling hacking tools or purchasing stolen information such as credit card data. Be aware that your information could be floating around the Dark Web, making it easier for cyber criminals to create custom attacks targeting you..
Source: SANS Security Awareness

Microsoft Patch Alert: Full of sound and fury, signifying nothing

What happens when Microsoft releases eight – count ‘em, eight – concurrent beta test versions of Win10 version 1909 without fixing bugs introduced into 1903 on Patch Tuesday?

Pan. De. Moaaan. Ium.

The VB/VBA/VBScript debacle

No doubt, you recall the first wave of pain inflicted by the August 2019 patching regimen. Microsoft somehow managed to mess up Visual Basic (an old custom programming language), Visual Basic for Applications (for Office macros) and VBScript (a largely forgotten language primarily used inside Internet Explorer). Folks running applications in any of those languages would, on occasion, receive “invalid procedure call error” messages when using apps that had been working for decades.

To read this article in full, please click here


Source: Computerworld.com | Security

Careers in Cybersecurity

Have you considered a career in Cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
Source: SANS Security Awareness

Hedera Hashgraph launches mainnet, hopes to compete with global business networks

Hedera Hashgraph, an electronic public ledger developed for corporate use, launched its mainnet beta today, allowing developers to create an account and build decentralized applications (dApps) for it.

The distributed ledger technology (DLT) is a direct competitor to blockchain distributed ledgers such as Ethereum and Hyperledger, and claims it can outperform traditional financial and business networks.

“There is no direct equivalent to Hedera Hashgraph today,” said Martha Bennett, a principal analyst at Forrester Research. Hedera is potentially competing with public networks and all the enterprise DLT frameworks (such as Hyperledger Fabric & Sawtooth, R3 Corda, and others) and their commercial providers, which include AWS, IBM, Microsoft, Oracle.

To read this article in full, please click here


Source: Computerworld.com | Security

Keeping Passwords Simple

We know at times this whole password thing sounds really complicated. Wouldn’t be great if there was a brain dead way you could keep passwords simple and secure at the same time? Well, it’s not nearly as hard as you think. Here are three tips to keeping passwords super simple while keeping your accounts super secure.
Source: SANS Security Awareness

Personalized Scams

Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.
Source: SANS Security Awareness

March 2019 Windows and Office patches poke a few interesting places

Patch Tuesday has come and gone, not with a bang but a whimper. As of this moment, early Wednesday morning, I don’t see any glaring problems with the 124 patches covering 64 individually identified security holes. But the day is yet young.

There are a few patches of note.

Two zero days

Microsoft says that two of this month’s security holes — CVE-2019-0797 and CVE-2019-0808 — are being actively exploited. The latter of these zero days is the one that was being used in conjunction with the Chrome exploit that caused such a kerfuffle last week, with Google urging Chrome browser users to update right away, or risk the slings of nation-state hackers. If you’ve already updated Chrome (which happens automatically for almost everybody), the immediate threat has been thwarted already.

To read this article in full, please click here


Source: Computerworld.com | Security

Apple’s Box security scare shows the risk of shadow IT

Until enterprise IT truly understands that its own internal systems need to be as easy to use as any iOS app and as easy to learn as an iPhone, potentially damaging data breaches will take place, threatening business confidentiality. Apple is not immune.

Apple and the human interface

The news is that information from some of the world’s biggest names in business – including Apple, Edelman and Discovery Channel – could have been accessed through Box Enterprise, which offers companies bespoke company name-based file archiving and sharing services using this URL construction:

https://<companyname>.app.box.com/v/<filename>

To read this article in full, please click here


Source: Computerworld.com | Security