IT and Business Insights for SMB Solution Providers

Jay Ferron's blog

Avast, has been cashing in by selling its customers web browsing history

    Popular antivirus program, Avast, has been cashing in by selling its customers web browsing history. A joint investigation by PCMag and Motherboard found the antivirus company selling its customers’ highly sensitive web browsing data to many of the worlds largest companies. Through leaked company documents and contracts, the investigation found Avast was running a side business along with its primary Antivirus product.

Oracle Critical Patch Update contains 334 new security patches across the product familie

Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to:

25000 Citrix security issue

    With an estimated 25,000 hosts still vulnerable and proof-of-concept (PoC) exploit code now being released, things went from bad to worse for those affected by the vulnerability CVE-2019-19881. In December, Mikhail Klyuchnikov, a researcher at Positive Technologies disclosed a vulnerability that would allow for direct access to a company’s network from the Internet. He stated that this vulnerability affects all versions of Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway).

Peekaboo Moments failed to secure an Elasticsearch database

    A popular app allowing parents to track their baby’s special moments by storing videos, pictures, height, weight, location, and other milestones in a child’s development has leaked thousands of those special moments online. Peekaboo Moments, developed by Bithouse Inc., failed to secure an Elasticsearch database containing over 70 million log files containing Peekaboo Moments user’s data, including links to videos, photos, and geo-location coordinates.

New Ransomware Infection SNAKE

    In the first three quarters of 2019, the world saw nearly 152 million ransom-ware attacks affecting every sector from government to education to healthcare. As the threat continues to grow, it costs businesses over $75 million per year. One cybersecurity group estimated a new ransomware infection happening every 14 seconds in 2019 and they expect that to accelerate to an infection every 11 seconds by 2021.

Ring Issues ? Did you secure your Ring properly

    In the world of IoT home cameras, Ring cameras by Amazon are most popular. There can be many benefits of using the cameras for monitoring or as a security device, but it’s been a bad few weeks for the Ring camera. We now have reports of a hacker taunting a child in Mississippi, in another report someone hurled racist insults at a Florida family. A Tennessee family reported that a man hacked their camera to talk to an 8-year-old girl in her bedroom.

Android Malware impacts all Android devices including the most recent versions and updates

    Malicious apps are bad enough, but what if you have one on your phone that looks just like an app you use everyday? As it turns out, researchers from the Norwegian application security firm Promon discovered an Android vulnerability that does just that. 

    Dubbed StrandHogg, it impacts all Android devices including the most recent versions and updates. It also reportedly "puts the top 500 most popular apps at risk" without even needing root access. If you have an Android in your pocket, you are at risk.

Pages

Subscribe to RSS - Jay Ferron's blog