IT and Business Insights for SMB Solution Providers

Jay Ferron's blog

National Security Agency released the source code of Ghidra, its reverse engineering tool

    The National Security Agency released the source code of Ghidra, its reverse engineering tool.

    This source code repository includes instructions to build on all supported platforms (macOS, Linux, and Windows). With this release, developers will be able to collaborate by creating patches, and extending the tool to fit their cybersecurity needs.

    The source code is available for download at ghidra-sre.org along with the 9.1.1 patch.

Two-Day Shutdown of U.S. Gas Pipeline complements of ransomware

    Many people believe that cybersecurity training and awareness isn’t important in their jobs, especially if their role isn’t technical. However, social engineering has led to the human element being the weakest link in the cybersecurity chain and attackers can be very resourceful and clever in their attempts. A recent attack on a U.S. natural gas compression facility shows just how important this awareness can be.

Emotet banking Trojan gets smarter

    Emotet banking Trojan has been around since 2014 as banking malware. As the software was changed, the developers added additional spamming and malware delivery services found in other
banking malware. Key to Emotet is how it incorporates functionality allowing the software to evade detection by antimalware products.

    Emotet also uses  Worm-like capabilities to help spread to other connected computers. Because of

SweynTooth, targeting Bluetooth

    Bluetooth technology seems to be nearly everywhere now. It is an extremely convenient method to make all sorts of different devices speak the same language and perform greater functions. As we already know though, when computing devices can communicate trouble soon follows in one form or another. This week the details of 12 different security vulnerabilities, collectively called SweynTooth, targeting Bluetooth low energy devices became public. 11 of the 12 vulnerabilities are just denial of service vulnerabilities.

WhatsApp

    Modern communication revolves around the internet and the digital age, allowing people to communicate instantaneously no matter where they are in the world. There are many messaging applications that have come along through the years, but one of the most popular ones used today is WhatsApp. However, security researchers at PerimeterX recently found a vulnerability in WhatsApp that could allow Remote Code Execution (RCE) and the ability to remotely view files on a target system.

Critical vulnerability in the Nortek Linear eMerge E3 access controller

    Take a look around and note all of the electronics around you. How many devices
are in the room with you? How many are communicating? Look beyond the
obvious computer, cell phone, and smart watch. Are there headphones? Key
fobs? Door locks? Anything with a circuit board can be hacked and anything
that is trying to connect makes it easier. Every device comes with vulnerabilities
- it's just a matter of whether someone has found them yet.

Pages

Subscribe to RSS - Jay Ferron's blog