IT and Business Insights for SMB Solution Providers

Jay Ferron's blog

IRS Warns of New Email Scam

The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake (i.e., spoofed) IRS email addresses. The emails contain a link to a spoofed IRS.gov website that displays fake details about the targeted recipient’s tax refund, return, or account. The emails instruct the recipient to access their refund information by entering a provided password on the spoofed website.

Rubys in the Rough

    The Ruby programming language is a high level general-purpose programming language that was developed to focus on being Object oriented when the options for it were few and the creator found them lacking. The language uses a package manager called RubyGems to have a standardized platform for managing programs and libraries. 

Mistake Apple accidentally Un-Patches Old Flaw

    Apple accidentally re-introduced a previously patched vulnerability from iOS 12.3 into iOS 12.4. This led to the release of a jailbreak for iOS 12.4 from Security Researcher Pwn20wnd called “unc0ver 3.5.0.” This is the first jailbreak to be released for up-to-date iPhones in years. This is significant, because, according to an article from Motherboard, iPhone bugs are so valuable that they are often not reported to Apple at all, and jailbreak exploits are often sold for large amounts of money.

More examples of Speed to market not Secure First

    New technology often saturates a market before fully ripening to prime usefulness. The race to be first to market is often seen in the idea of recognized household names like Alexa, Blackberry, or even the Oculus Rift. While they might not always be the best at what they do, the familiarity can smooth over many of the kinks in the products they produce.

NIST Publishes Multifactor Authentication Practice Guide

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The guide provides e-commerce organizations multifactor authentication (MFA) protection methods they can implement to reduce fraudulent purchases.

Pages

Subscribe to RSS - Jay Ferron's blog