(954) 237-7797
Let's Talk
Blog
November 11, 2022 by Spirit Technologies
A cyber-security threat actor known as SocGholish has compromised a JavaScript code used by an unnamed media content provider. The malware is being used to spread the FakeUpdates malware to major media outlets across the United States. More than 250 regional and national newspaper sites are affected by the malicious JavaScript. Some impacted media organizations […]
Read more »
Tagged
November 10, 2022 by Spirit Technologies
According to Microsoft’s latest announcement, businesses should assess security measures to defend against evolving cyber-security threats. Microsoft released its Digital Defense Report (MDDR) for 2022. Microsoft released alarming statistics about the cyber threats that the company has faced in the last year, including phishing, identity theft, and ransomware attacks. Microsoft Security Update Alerts Tom Burt […]
November 8, 2022 by Spirit Technologies
Virtual private networks (VPNs) are used to give users remote access to resources on corporate networks. However, several factors have revealed incompatibilities between VPNs and Zero-Trust security systems. Businesses are worried that VPNs are becoming a severe threat to their operations. According to a report by Zscaler, nearly half of information technology professionals have seen […]
November 7, 2022 by Spirit Technologies
It’s no secret that cyber attacks are on the rise, and that no company is immune to them. Dropbox, a cloud storage company, was the lastest victim when their GitHub account was compromised. This allowed attackers access to 130 code repositories, which contained sensitive data. Dropbox was notified of a potential breach on October 14th […]
November 5, 2022 by Spirit Technologies
Recently, Verizon experienced a minor but significant data breach. Between October 6, 2022, and October 10, 2022, an unknown malicious actor gained access to Verizon’s prepaid wireless accounts, compromising approximately 250 individuals. According to a letter to customers, Verizon discovered the breach after noticing “unusual activity” on its network. Due to the data breach, a […]
November 3, 2022 by Spirit Technologies
There is no doubt that Zoom has become very popular in the business and academic sectors, as it is widely used for video conferencing and voice-over IP (VoIP). Zoom issued a security bulletin at the beginning of October, informing users that an update was now available for download in response to an identified security flaw. […]
November 2, 2022 by Spirit Technologies
Phishing is one of the oldest forms of cybercrime. It continues to grow and evolve, making it difficult for people to defend themselves. Callback phishing scams are email campaigns that pose as expensive memberships to confuse recipients who have never signed up for these services. The email includes a phone number the receiver may call […]
October 31, 2022 by Spirit Technologies
An advanced PHP variant of the Ducktail malware poses a risk to Facebook users. On October 13th, 2022, ZScaler, a cloud security firm, published a blog post detailing this latest discovery. The new PHP version is being distributed by “pretending to be a free/cracked program installer.” It also targets numerous platforms, such as Telegram and […]
October 29, 2022 by Spirit Technologies
Microsoft announced the Azure DDoS IP Protection released as a public preview on October 19, 2022. Small and medium-sized businesses (SMBs) can now benefit from DDoS protection with a pricing model customized to their specifications. DDoS Protection provides similar capabilities to DDoS Network Protection (previously known as DDoS Protection Standard). It is designed for enterprises […]
October 27, 2022 by Spirit Technologies
Fortinet addressed a critical vulnerability that gave remote access to numerous services and was being exploited by threat actors in the wild. The company described the vulnerability as an authentication bypass on the admin interface, allowing unauthenticated users to connect to FortiProxy web proxies, FortiGate firewalls, and FortiSwitch Manager on-prem management instances. Specifically, the flaw […]
October 24, 2022 by Spirit Technologies
In light of a recent data breach, the City of Tucson, Arizona, is alerting approximately 123,000 citizens that their personal information has been compromised. The issue was detected in May 2022, but the city’s investigation didn’t conclude until last month. As detailed in the notification addressed to those impacted by the data breach, an attacker […]
October 22, 2022 by Spirit Technologies
According to a new Akamai analysis, the company’s experts classified about 79 million domains as dangerous in the first half of 2022; based on a NOD (newly observed domain) dataset, this is about 13 million malicious domains per month, representing 20.1% of all the successfully resolved NODs. According to Akamai, a NOD is any domain […]
October 20, 2022 by Spirit Technologies
After a source code leak was posted by an unidentified third party on 4chan and GitHub last week, the technology giant Intel has confirmed that confidential source code related to its Alder Lake CPUs has been leaked. The disclosed information comprises UEFI (Unified Extensible Firmware Interface) code for the company’s 12th-generation CPUs that were released […]
October 18, 2022 by Spirit Technologies
Turnstile, an ambitious new project from Cloudflare, aims to do away with the CAPTCHAs that are now being used on the internet to confirm users are not robots. Turnstile utilizes a revolving set of “browser challenges” to verify that visits to a website are not, in fact, bots. This service is free for all website […]
October 17, 2022 by Spirit Technologies
Some major U.S. airports’ websites were inaccessible early on Monday, October 10, 2022, due to a coordinated denial-of-service assault orchestrated by professional hackers. However, officials said flights were unaffected. The assaults, in which participants bombard sites with garbage data, were planned by a mysterious organization named Killnet. The group posted a target list on its […]
October 15, 2022 by Spirit Technologies
On October 4th, 2022 a cybersecurity incident has disrupted CommonSpirit Hospitals. With more than 150,000 employees, 20,000 physicians, and serving 21 million patients, CommonSpirit Hospitals is the second-largest nonprofit hospital system in the nation. In 21 states, CommonSpirit operates more than 1,000 care sites and 140 hospitals. CommonSpirit Hospitals announced it is investigating an “IT […]
October 13, 2022 by Spirit Technologies
This year, security experts have found three updated versions of Prilex malware that target point-of-sale systems. In 2014, Prilex was a type of malware that targeted ATMs. It switched to PoS (point of sale) devices in 2016, but it wasn’t until 2020 that the malware reached its peak. After that, it faded away in 2021. […]
September 30, 2022 by Spirit Technologies
Recently, researchers at Mitiga have sounded the alarm about a new Business Email Compromise (BEC) campaign. They discovered evidence of the campaign responding to another incident and have watched the campaign grow in scope and scale over time. Here’s how the attack works: The individual targeted by the campaign receives an email that appears to […]
September 29, 2022 by Spirit Technologies
Based on a recent survey conducted by the folks at Titaniam, a solid majority of organizations have robust security tools in place. Yet nearly 40 percent of them have fallen victim to a ransomware attack in the past year. How can this be? With conventional tools in place, how can this still be happening? The […]
September 28, 2022 by Spirit Technologies
In June, Wiz engineers discovered and reported #AttachMe, a critical cloud isolation flaw in Oracle Cloud Infrastructure (OCI). Due to its potential to affect all OCI customers, the #AttachMe cloud vulnerability is one of the most severe vulnerabilities discovered to date. The majority of the time, cloud isolation flaws only impact a single cloud service. […]
September 26, 2022 by Spirit Technologies
DuckDuckGo has a reputation for protecting the privacy of its users far more than most other companies. Last year, the tiny search engine announced that they were experimenting with a free service designed to dodge email trackers as a means of further protecting the privacy of its users. The company’s Email Protection service works by […]
September 23, 2022 by Spirit Technologies
Microsoft Teams is a part of the 365 product family and is used by more than 270 million people for exchanging text messages, videoconferencing, and file storage. In August of 2022, the team at Vectra Protect discovered a post-exploitation vulnerability in the plaintext storage disk used by Microsoft Teams while conducting research for a client. […]
September 22, 2022 by Spirit Technologies
Lenovo issued a security notice informing customers of multiple serious BIOS vulnerabilities affecting hundreds of Lenovo devices across various models (Desktop, All in One, IdeaCentre, Legion, ThinkCentre, ThinkPad, ThinkAgile, ThinkStation, ThinkSystem). Exploiting the vulnerabilities might result in the disclosure of sensitive information, an increase in privileges, a denial of service, and possibly even the execution […]
September 21, 2022 by Spirit Technologies
An unknown hacker, who claims to be eighteen years old, acquired administrative access to Uber’s corporate network and proprietary internal tools on Thursday, September 15, 2022. On September 15, 2022, at 6:25 pm PT, Uber issued a statement on Twitter that it was “responding to a cybersecurity incident.” An attacker gained access to the account […]
