IT and Business Insights for SMB Solution Providers

My Information Resource

Blog Entry
December 16th, 2020 | Jay Ferron
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020. - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
 Defining IoT Cybersecurity Requirements: Draft Guidance for Federal Agencies and IoT Device Manufacturers (SP 800-213, NISTIRs 8259B/C/D) - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
Title: Microsoft Information Protection and Microsoft Azure Purview: Better Together - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
 Microsoft latest security blogs, including some with more information about recent attacks. - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
 Microsoft recently blogged about the - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
This week, the NSA released an announcement saying, “Russian state- sponsored malicious cyber actors are exploiting a vulnerability in VMware Access and VMware Identity Manager2 products, allowing the actors access to protected data and abusing federated authentication.” This vulnerability is tracked as CVE-2020-4006 (7.2 CVSS score) which was issued on 23 November 2020 but updated recently with VMWare’s patch - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
ESET researchers have recently released information on the discovery of a new backdoor dubbed Crutch that uses Dropbox to exfiltrate stolen files. Crutch has been seen as early as 2015 and is believed to be a second-stage backdoor that is deployed after a victim has already been compromised. - read more
 
Blog Entry
December 16th, 2020 | Jay Ferron
 It's been a while since credit card and social security numbers were enough to supply the criminal market with stolen data. In the last few years there has been a marked increase in the amount of healthcare data up for sale thanks to some major data breaches and the notoriously poor security of smaller healthcare providers. - read more
 
Blog Entry
November 21st, 2020 | Jay Ferron
 Cybercriminals stole $15 million from a U.S. company by inserting themselves in email correspondence relating to legitimate business fund transfers. The tactic is called Business Email Compromise (BEC) and is one of the most financially damaging online crimes according to the FBI. BEC is a lucrative scam because we rely on email to conduct financial business transactions, such as wire transfers. - read more
 
Blog Entry
November 21st, 2020 | Jay Ferron
 If you Google “Win10 zero-day”, you’ll likely find a number of results. Today’s zero-day is one that involves both Google Chrome and Microsoft Windows and is actively exploited. It has been disclosed with a proof of concept but is still not patched by Microsoft! - read more
 

Pages

Subscribe to My Information Resource