Vulnerabilities Archives - Page 4 of 4

Countering Cybersecurity Attacks

It is a cry of every person, organization and even countries that a long lasting solution for cybersecurity is found. Every day, reports of growing number of cases concerning breach in cybersecurity are reported and the risk increases daily due to growing number of interconnected devices being added to the internet. Your information and data is not one hundred percent secure in your computer because you are exposed to the outside world. You never know who is trying to access your information. What is cybersecurity? Cybersecurity is processes and practices that work together to ensure integrity, authentication, confidentiality and availability … Read more

The Top 15 Most Used Passwords Will Make You Laugh… or Cry

by Dan Evert, CCNP

Every year the guys at SplashData analyze millions of hacked and leaked passwords from websites and online services. They then publish this most commonly used passwords that they find. It is never a good idea to use such obvious passwords because there is virtually no security. In fact, it is a common practice for hackers to simply run through the list of common passwords with multiple user names. Boom – they get access to your private information and can use it to gain more information and cause damage. Here is the list. 1. 123456 … Read more

AI Weaponization

by George Mutune

Artificial intelligence technologies are now being leveraged to execute intelligent cyberattacks. Hackers are combining open-source AI technologies with malware to create these AI-based attacks. This is a trend that is creating new types of advanced and sophisticated threats. AI technologies are used to conceal the malware embedded in applications. Using AI, the malicious behavior of the code is not triggered until the application reaches a particular target. Cybercriminals usually conceal the unwanted information through applying an AI model and then derives a private key to determine the time and place of unlocking the hidden malware. AI Triggers Any type of … Read more

Countering Cyber Security Attacks

by Oliviah Nelson

It is a cry of every person, organization, and even countries that long-lasting solution for cybersecurity is found. Every day, reports of a growing number of cases concerning breach in cybersecurity are reported, and the risk increases daily due to the increasing number of interconnected devices being added to the internet. Your information and data are not hundred percent secure in your computer, majorly because, you are exposed to the outside world and you never know who is trying to access your information. What is cybersecurity? Cybersecurity is the processes and practices that work together to ensure integrity, authentication, confidentiality, … Read more

Top Malware Attacks that Prove IOT Needs Security

by Oliviah Nelson

You may think you are safe when you put your login credentials to your social media account, but you need to take care of yourself. Social media and other anything you access online is not safe anymore, do not trust any online platform with your information or data. Always have your doubts every time you access websites in your internet space, never be overconfidence, have some smart cybersecurity strategies that will protect you because cyber hackers are not sleeping, but thinking of a new way to access information that might be of benefit to them. Many hackers use sophisticated software … Read more

Cybersecurity Threats in the Banking Sector

by Oliviah Nelson

Over the last half a decade, Cyber-attacks has been considered as one of the biggest threat to the financial institution. Cyber criminal’s skill and techniques have evolved with technology; they have become more organized forming groups like Lazurus making it difficult for financial services to have the upper hand in the war on cybercrime. The loss from cybercrime is substantial in the banking sector raging from litigations, to cost of preventing another breach and a dent to the reputation of the institution. Financial service providers such as the banking sector are more likely to be targeted compared to any other … Read more

Cybersecurity Threats on Forex Trading and Cryptocurrencies

by Oliviah Nelson

Cyber Crime in Forex Trading While cyber-attacks have become a regular occurrence in the world today, catastrophic results have been recorded. The question is, is forex trading impenetrable to hackers? Or is forex trading immune from attackers, how secure is it? In a nutshell, forex trading just as any other online platform is prone to cyber-attacks which can have diverse effects. Cybercrimes in forex trading may include the following. One, a malicious hacker may gain access to passwords and usernames of forex trading accounts. Having this access, it is possible for them to undertake unauthorized transactions such as trading currencies … Read more

The Basics of CyberCrime

by Oliviah Nelson

Definition and Overview of Cybercrime Cybercrime is also referred to as computer Crime, which is merely the use of a computer or an electronic gadget that can access the internet to commit illegal acts such as trafficking in intellectual property and child pornography, violation of privacy, fraud among other unlawful ends. Cybercrime over the internet has over the years grown substantively owing to advancements in technology in today’s world. Today, major societal issues such as entertainment, commerce, and government operations are operated over the internet. This makes its users vulnerable to cybercriminals. The Americans are known to be among the … Read more

Cyber Incident Analysis

by Oliviah Nelson

With the advancement in technology, cybersecurity incidents have increased both in oftenness and sophistication. Practically every second somewhere in the world someone is trying to infiltrate or rather hack a particular computer system. A cybersecurity incident can be defined as an act of malice whose intention is to compromise or disrupt either the physical or electronic security perimeter of a critical cyber asset. Cybersecurity incidents may be grouped into social incidents, misuse incidents, hacking incidents, and malware attacks. Cyber-attacks may target things such as domain name systems, network infrastructure, and websites or even applications. Due to the increased cases of … Read more

Your home wireless network is likely not very secure

by Fred Templeton, CISA, CASP, SEC+

Most of us don’t think about hackers spying on our home internet activity and searching through our home computer files. In fact, most of us believe that our home lives are not interesting enough for hackers to waste their time trying to crack into our systems. But what if it does not take much time at all? What if you knew that your home wireless network could be easily compromised? What if you new that it was so easy to hack your home network that the teenager next door can do it in 5 minutes or less using software that … Read more

Kevin Mitnick – The Most Infamous Hacker of All Time

by Frank Jones, CISSP

The art of hacking has been in development for many years. The heyday of hacking was before the Internet even existed. There are amazing and exciting stories about hackers who hacked for notoriety, money, street cred, and just for personal accomplishment. Before the Internet, there were still many targets for hackers. Hackers reverse engineered casino games like slot machines. Hackers used social engineering and phone systems not only to have access to free long-distance calls but for financial gain. It was during this pre-Internet era that the number one most infamous hacker on our list crafted and honed his skills: … Read more

What to do if your WordPress Site Gets Hacked

by Donald

Some estimates state that 40% of websites use the Content Management System (CMS) known as WordPress. WordPress is one of the easiest ways to get a professional website up and running quickly. But if you don’t keep your site updated, then there is a good chance that you will wake up one day to find that you have malware on your website. Most people find out that their site was hacked when they find out that their browser starts flashing a warning when they try to access the site. For example, if you use Chrome, then the notification will look … Read more

The Marriott Hack – This is What will Happen Next.

by Donald Korinchak, MBA, PMP, CISSP, CASP, ITILv3

Personal information from about 500,000,000 people who made reservations at a Starwood hotel was stolen by hackers. These hotels include Sheraton, Aloft, W Hotels, and Westin Hotels. Marriott acquired the Starwood Group back in 2016, but the compromise started way back in 2014 before the acquisition took place. Hackers had full access for four years This means that the hackers had plenty of time to learn, gather data, and exploit that data. The hackers had access to everything in the system and used the Starwood system as their playground for four years. A data loss protection (DLP) system was in … Read more

Passwords Suck and Will Go Away – Here’s How

by Donald Korinchak, MBA, PMP, CISSP, CASP, ITILv3

Why Passwords Suck Usernames and Passwords are not secure by nature. Usernames and Passwords are controls that rely on “Something you know.” Knowledge is easily transferable, and therefore, passwords are not secure. No amount of security training will eliminate or overcome human nature. It is human nature to make passwords we can easily remember. Passwords that are easy for us to remember are also easy for people to guess. Passwords are also used over and over again on multiple accounts – bank accounts, email accounts, work accounts, etc. Worse yet, passwords our often openly shared among trusted individuals like family … Read more

Are Dark Web Scans Effective?

by Donald

The Dark Web is Anonymous The dark web is a scary place. It is a network of websites teeming with illegal activity. It is a secret place where visitors protect their identity by using techniques to keep identifying information (Like their IP address) hidden. There are several methods that people use to keep themselves anonymous when accessing the dark web. You need to use the TOR browser to access the dark web. What can be Found on the Dark Web? As far as illegal stuff – you name it, and it can be found on the dark web. Related to … Read more

Why Hardware Encryption is Not Secure

by Donald Korinchak, MBA, PMP, CISSP, CASP, ITILv3

Hardware Encryption is not Secure A Little History… In the past, it was assumed that hardware encryption is far more secure than software encryption. Many people, including security experts, still believe this to be true. And in the past, it was true. But recent history has proven that hardware encryption is highly vulnerable. The widely published recently discovered hardware encryption vulnerabilities include Spectre and Meltdown. Both Spectre and Meltdown exploit flaws in processors. Our good friend Steve Gibson has also outlined severe security vulnerabilities in a hardware-encrypted solid-state drive (SSDs). Every SSD that researchers have examined has been found to … Read more

Murder by Hacking

by Donald

When Hackers Kill Hackers have already – perhaps many times- have contributed to death by hacking into secure systems and releasing information. This information has lead to the loss of life in many different ways, including suicide and murder. But hacking has now evolved to the point that cybercriminals can use computers to negatively affect and damage the physical world, including the murder of individuals and groups. Hackers have the power of mass-murder in their hands right now. Using malware to affect the physical environment is nothing new. One of the most famous cases is the Stuxnet virus that was … Read more

What is Zerodium?

by Donald

Zerodium is a reputable place where you can sell zero-day exploits. Hackers and security researchers know that Zerodium is a way to cash in on vulnerabilities that they discover in operation systems, software and hardware, and devices. There are several ways that you can make money from discovering vulnerabilities. You can disclose the vulnerability to the software or hardware vendor. Many companies offer a “Bug Bounty” program where they pay for such discoveries. It is the “White Hat” thing to do. You can sell the exploit on the black market. If you do this, your exploit will undoubtedly be used … Read more

What is Persian Stalker?

by Donald

Persian Stalker is targeting Iranian social media accounts. The “group” has been around since 2017, and they have been observed targeting social media accounts. Specifically, this group focuses on gaining access and control of Instagram and Telegram accounts. Telegram is a popular service with about 40 million users. Telegram is a communication app that has been used to organize protesters in Iran. Of course, the Iranian government is not a fan of this service. The Iranian government has actively requested that certain services and channels be shut down. As far as we know, the Iranian government has not engaged in … Read more

More data shows that Americans are lackadaisical about security.

by Donald

A new research report Published by cybersecurity specialists, BestVPN.com, shows the state of online privacy in the United States. BestVPN surveyed 1,000 U.S. consumers to comprehend the state of online privacy in 2018. The report reveals a significant knowledge gap and suggests that, despite their fears, US citizens are not protecting themselves against the ever-growing amount of cyber-threats. In light of the 2018 information breaches and revelations, consumers were asked to detail their cyber hygiene habits. There is a significant distrust of social media platforms; 45% of consumers report feeling uncomfortable about using platforms that track and sell their information. … Read more

The freeRTOS Vulnerability Disaster

by Donald

FreeRTOS, the open-source operating system that powers most of the small microprocessors and microcontrollers in many IoT hardware products has newly identified vulnerabilities. The vulnerabilities are in the TCP/IP stack and affect the FreeRTOS. The versions affected The versions affected are FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, OpenRTOS and SafeRTOS (With WHIS Connect middleware TCP/IP components). Why this is a disaster FreeRTOS is used in many IoT devices. These devices are often inexpensive and not easily patched. In fact, many of these devices have firmware that has not been updated for many years. Examples of … Read more

+ More