Some Carrier Embedded Android Apps May Have Security Vulnerabilities
Recently, Microsoft reported high severity security vulnerabilities in multiple apps offered by large international mobile service providers. What makes this especially noteworthy is the fact that these vulnerabilities aren’t app specific, but framework specific. Many carriers use the same basic framework to construct their apps and now all have been found to contain vulnerabilities. The […]
Millions Of MySQL Server Users’ Data Found On The Internet
Do you maintain a MySQL server? If so, you’re certainly not alone. What you may not know is that according to research conducted by The Shadowserver Foundation, (a cybersecurity research group) there are literally millions of MySQL servers visible on the internet that shouldn’t be. In all, the group found more than 3.6 million MySQL […]
Hackers Are Using Personal Messages On WhatsApp To Attack
Are you a WhatsApp user? If so, be aware that hackers have worked out a means of hijacking a user’s WhatsApp account and gaining access to a user’s contact list and personal messages. The attack relies on mobile carriers’ automated service to forward calls to different phone numbers, which is a service every major mobile […]
Microsoft Releases Multiple New Features For Teams
Teams was “just another Microsoft application” before the pandemic. Thanks to Covid-19 though, demand for video conferencing solutions shot through the roof, and suddenly Teams found its groove. Microsoft had been gamely trying to bolster its popularity and the pandemic certainly helped. For more than two years, the Redmond giant has been pouring an increasing […]
Intel Users Should Update Firmware To Avoid This Ransomware
Not long ago, researchers at Eclypsium got a lucky break. An unknown and unidentified individual began leaking communications from inside the Conti ransomware organization. These leaked communications seemed to confirm what has long been suspected: That there are strong ties between the Conti gang and Russia’s FSB (military intelligence). This sounds like something right out […]
The Windows Follina Vulnerability Has A Temporary Fix
File this away under “good news, bad news.” The bad news is that there’s a new, critical zero-day threat to be concerned about. The threat has been dubbed ‘Follina.’ It is being tracked as CVE-2022-30190 and is being described by Microsoft as an MSDT (Microsoft Windows Support Diagnostic Tool) remote code execution flaw that impacts […]
Microsoft Will Not Release Exchange Server Updates Until 2025
Are you planning on setting up an Exchange server soon or are you running one now? If so, be aware that Microsoft is changing their guidance when it comes to the technology and specifically running a server on-premises. Two years ago, the Redmond giant announced that the next versions of their Skype for Business Server, […]
Enemybot Malware May Go Beyond DDOS Attacks
Unless you’re an IT Security Professional, you may never have heard of EnemyBot. It is a bit like the Frankenstein of malware threats, a botnet that has borrowed code from multiple different sources. While that’s not terribly original, it does make it dangerous. The hackers behind the code are actively adding new exploits as newly […]
This Android Malware Is Stealing Login Credentials
If you’re deeply involved in IT security, you may already be familiar with the ERMAC Android banking trojan. If this is the first time you’re hearing of it, be aware that the hackers who authored the malicious code have recently released ERMAC 2.0, which represents a significant upgrade in capabilities from the previous iteration. ERMAC’s […]
Screencastify Issue Could Allow Someone To Steal Recorded Videos
Are you one of the legions of users making use of the Screencastify Chrome extension? It’s a fantastic Chrome extension that allows you to almost effortlessly create screencasts for a variety of purposes. Unfortunately, the web extension also suffers from a critical security vulnerability that allows attackers to take control of a user’s webcam and […]