Call Us Today at: 503-850-3055

Blog

Phishing-as-a-Service on the Rise with Caffeine

Phishing-as-a-Service on the Rise with Caffeine

November 28, 2022BlogNo Comments »

Threat actors may now launch their own sophisticated assaults thanks to the emergence of Phishing as a Service (PhaaS) platforms like "Caffeine." Through an open registration procedure, anyone who wishes to launch their phishing campaign can sign up on these platforms. Security experts at Mandiant discovered the first sighting of these threats while investigating a large-scale phishing campaign. The purpose...

Read More

Vice Society Claims Cincinnati State College Cyberattack

Vice Society Claims Cincinnati State College Cyberattack

November 26, 2022BlogNo Comments »

Data allegedly stolen from Cincinnati State Technical and Community College has been leaked after Vice Society attacked the campus. Many of the stolen documents were posted on the hackers' websites. These documents date from several years ago until November 24, 2022, suggesting that threat actors still have access to the compromised systems, but this has not been confirmed. The leaked files...

Read More

Hackers Execute Arbitrary Code with Microsoft Office

Hackers Execute Arbitrary Code with Microsoft Office

November 25, 2022BlogNo Comments »

According to cybersecurity experts at Cisco Talos, Microsoft Office has a high-severity vulnerability that could allow prospective cyber attackers to execute malicious code on the target device remotely. Microsoft announced the issue in a brief blog post, stating that its researcher Marcin 'Icewall' Noga had identified a class attribute double-free vulnerability impacting Microsoft Excel. The victim would give the attacker...

Read More

Malicious SEO Campaign Affects Thousands of Sites

Malicious SEO Campaign Affects Thousands of Sites

November 24, 2022BlogNo Comments »

In a massive malicious SEO campaign, cybercriminals are promoting low-quality Q&A sites by redirecting visitors to fake discussion forums. As a result, almost 15,000 sites have been compromised. In September 2022, researchers at Sucuri discovered the attacks. Each compromised site was found to contain approximately 20,000 files that were utilized in the search engine campaign. Researchers believe that the goal...

Read More

Phishing Kit Targets US Shoppers

Phishing Kit Targets US Shoppers

November 23, 2022BlogNo Comments »

Security experts at Akamai have discovered a campaign that uses an elaborate phishing kit. This campaign targets Americans using lures centered around holidays like Labor Day and Halloween. The kit combines several methods and employs several evasion detection techniques to prevent non-victims from visiting its phishing pages. One of the most intriguing aspects of the kit is a token-based method...

Read More

Lenovo Patches Critical Security Flaws

Lenovo Patches Critical Security Flaws

November 22, 2022BlogNo Comments »

Lenovo reports that it has patched two critical security flaws that affected several of its ThinkBook, IdeaPad, and Yoga laptops. Lenovo is also recommending that consumers update their systems immediately. The flaws make it possible for cybercriminals to deactivate the UEFI Secure Boot tool, allowing them to load and run malicious scripts during the system boot process (before the OS...

Read More

DuckDuckGo Releases App Tracking Protection Beta for Android

DuckDuckGo Releases App Tracking Protection Beta for Android

November 21, 2022BlogNo Comments »

The feature is comparable to Apple's 'App Tracking Transparency. However, unlike Apple, DuckDuckGo's method does not rely on app developers' compliance with user choice. All known trackers are blocked. According to DuckDuckGo, Android users have an average of 35 applications installed on their smartphones, resulting in between 1,000 and 2,000 monitoring attempts every day for over 70 tracking organizations. As...

Read More

How To Develop Accountability In Remote Workers

How To Develop Accountability In Remote Workers

November 19, 2022BlogNo Comments »

Accountability can be a tricky thing when it comes to your remote employees.  It's something that even seasoned managers struggle with. If that's the boat you find yourself in, take notes!  In this article, we'll outline some simple and effective ways you can foster and develop accountability in your remote teams without having to micromanage. Transparency The first step in...

Read More

Bypass Android Lock Screen on Pixel and Other Devices

Bypass Android Lock Screen on Pixel and Other Devices

November 18, 2022BlogNo Comments »

David Schütz, a cybersecurity researcher, inadvertently discovered a means to circumvent the lock screen on his fully updated Google Pixel 6 and Pixel 5 devices, allowing anybody with physical access to the smartphone to unlock it. Bypassing the lock screen on Android smartphones is a straightforward five-step method that should only take a few minutes. Google repaired the security flaw...

Read More

Recent Growth of Fake LinkedIn Accounts

Recent Growth of Fake LinkedIn Accounts

November 17, 2022BlogNo Comments »

According to a KrebsOnSecurity article, the recent growth of phony LinkedIn accounts is causing an identity crisis for the business networking site and organizations that rely on it to hire and evaluate new workers. The fake LinkedIn profiles, created with content stolen from authentic accounts and AI-generated profile pictures, are giving corporate HR departments and invite-only LinkedIn groups enormous issues....

Read More