(954) 237-7797
Let's Talk
Blog
June 28, 2022 by Vertical Axion
Do you maintain a MySQL server? If so, you’re certainly not alone. What you may not know is that according to research conducted by The Shadowserver Foundation, (a cybersecurity research group) there are literally millions of MySQL servers visible on the internet that shouldn’t be. In all, the group found more than 3.6 million MySQL […]
Read more »
Tagged
June 11, 2022 by Vertical Axion
Do you own and manage a WordPress site either personally or as part of your business? Do you also use the Tatsu plugin which offers a powerful suite of in-browser editing features and has been installed by more than 100,000 users worldwide? If so, be aware that there is a serious security flaw in the […]
June 6, 2022 by Vertical Axion
HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company. In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being tracked as CVE-2021-3808 and CVE-2021-3809 […]
June 4, 2022 by Vertical Axion
Do you use a Zyxel firewall? If so, there’s good news. The company has fixed an issue you may not have even been aware that you had. The company pushed out the fix in a silent update a little over two weeks ago, but when they implemented the push, they didn’t provide many details about […]
May 28, 2022 by Vertical Axion
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the broader public unless their demands […]
April 2, 2022 by Vertical Axion
Do you rely on Microsoft SQL and MySQL databases? If so, be advised that the cybersecurity firm AhnLab recently published a report about a newly emerging threat. It seems that hackers are now targeting poorly secured Microsoft SQL and MySQLdatabases with a malware strain known as GhostCringe. If you’re not familiar with it, GhostCringe is […]
April 1, 2022 by Vertical Axion
Emotet is in the news again according to the latest information from email security firm Cofense. Emotet is notorious for spreading via phishing campaigns and this latest phishing campaign sees them impersonating the IRS. By all outward appearances, the emails look legitimate. The Emotet gang knows that with so many people feeling harried during tax […]
March 4, 2022 by Vertical Axion
Do you have a WordPress site? Do you use the PHP Everywhere plugin? If so, you’re not alone. More than 30,000 site owners have installed it. It’s an excellent plugin that dramatically enhances websites using it, because it allows webmasters to place PHP pretty much anywhere on the page to display dynamic web content. Wordfence […]
February 23, 2022 by Vertical Axion
Researchers at Avanan are a Check Point subsidiary. They have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 million people use Teams every single month. According to Avanan, hackers are breaking into Team chats and attaching malicious files to ongoing conversations. […]
February 22, 2022 by Vertical Axion
For most of the history of the internet Linux has been able to stay below the radar of hackers around the world. While there have been some attacks that specifically targeted Linux users, they’ve managed to keep a low enough profile that it hasn’t been a major issue. According to a group of researchers from […]
February 4, 2022 by Vertical Axion
The WP HTML Mail plugin has been installed on more than 20,000 websites. If you’ve built a WordPress site for your business and you use that plugin, be aware that you are at risk. A high severity security flaw was recently discovered in the plugin that could allow an attacker to perform a code injection […]
January 21, 2022 by Vertical Axion
By now you’re almost certainly aware of the Log4j Java issue. It’s a serious and fixable flaw relating to java logging. Recently the United States Federal Trade Commission (FTC) has issued a chilling warning to anyone who hasn’t yet fixed the flaw and protected against the vulnerability. The FTC’s statement reads in part as follows: […]
January 4, 2022 by Vertical Axion
Do you own and operate a WordPress website? Do you also use the “All in One” SEO plugin? If you answered yes to both of those questions, then be aware that you’ll want to update that plugin as soon as possible. Recently security researcher Marc Montpas from Automattic Security discovered and reported a pair of […]
December 4, 2021 by Vertical Axion
Are you a GoDaddy customer? Do you maintain a WordPress blog with the company? If so be advised that the company recently announced a breach of their network. An as yet unidentified third party accessed GoDaddy’s Managed WordPress hosting environment. Based on the investigation to date the intrusion began on September 6, 2021. While taking […]
November 16, 2021 by Vertical Axion
Are you a OneDrive user running Windows 7, Windows 8, or Windows 8.1? If so be aware that on January 1st, 2022 your OneDrive desktop application will reach end of support. The company offered the following by way of explanation: “In order to focus resources on new technologies and operating systems and to provide users […]
October 26, 2021 by Vertical Axion
Phishing attacks tend to focus on executive level targets. They focus on high ranking targets who have considerable system access. That appears to be changing. A recent trend tracked by researchers from Avanan has revealed that nearly half of all phishing emails analyzed in recent months were crafted to impersonate non-executives. Additionally more than three […]
October 11, 2021 by Vertical Axion
Hackers around the world are flexing their muscles. For reasons that aren’t yet clear they have been launching distributed denial of service (DDOS) attacks against Voice over Internet Protocol (VoIP) providers and it is leading to widespread voice outages. VoIP provider Bandwidth.com is the latest company to fall victim to these attacks. On the afternoon […]
October 7, 2021 by Vertical Axion
A new study recently published by the digital identity firm Beyond Identity contains a number of surprises relating to passwords and password security. This is information that IT professionals and small or medium-sized business owners should be aware of. While it is not a rigorous and scientific study the results of the company’s survey are […]
October 6, 2021 by Vertical Axion
Since the start of the Covid-19 pandemic online dating sites have seen a tremendous surge in memberships. People are seeking romance online since in person dating was sharply curtailed by lock downs. Naturally this proved to be an irresistible lure to scammers around the world. So much so that the FBI has recently issued a […]
October 1, 2021 by Vertical Axion
A new strain of malware which has been dubbed ‘Capoae’ has been spotted in the wild. It was written in Go and this strain targets Linux systems and WordPress installations. It was discovered by Larry Cashdollar. Larry is a senior security researcher at Akamai. Capoae is quickly becoming a favorite among threat actors because of […]
September 30, 2021 by Vertical Axion
Apple released a very important security update today. The update fixes a pair of zero-day vulnerabilities that have been spotted in use in the wild to attack both Macs and iPhones. One of the two has been used to install the Pegasus spyware onto iPhones. These two vulnerabilities are being tracked as CVE-2021-30860 and CVE-2021-30858 […]
September 29, 2021 by Vertical Axion
Some malware strains are built with robust protections in order to avoid detection. Zloader goes a step further and actually disables Microsoft Defender AV (formerly known as Windows Defender). That’s significant because according to stats provided by Microsoft Defender AV is preinstalled on more than a billion PCs running Windows 10. The hackers behind the […]
September 23, 2021 by Vertical Axion
Employee cyber security training is paying off according to a report recently released by IT security company F-Secure. Researchers from F-Secure analyzed more than 200,000 emails that had been flagged as suspicious by employees working for organizations around the world. They discovered that more than one third of those emails could be classified as phishing. […]
September 18, 2021 by Vertical Axion
Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time. It was recently brought to light by the […]
