+1 9542377797
Let's Talk
Blog
March 30, 2021 by Vertical Axion
In early January of this year (2021), Microsoft informed security expert Brian Krebs that the company found four zero-day security flaws in their Exchange Server. Those flaws were actively being exploited by a persistent threat group known as Halfnium, sponsored by the Chinese government. According to Microsoft’s statistics, more than 30,000 Exchange Servers had already […]
Read more »
Tagged
March 29, 2021 by Vertical Axion
Recently, Microsoft made an announcement regarding the particulars of Windows Server 2022, and there’s a lot to like in terms of built-in protections. That is amazing, even if you’re not especially concerned about security. Here’s a quick overview of what you can expect: First and foremost, Server 2022 will incorporate “Secured-Core” technology already in use […]
March 27, 2021 by Vertical Axion
In terms of ransoms paid, Ryuk is the most successful strain of ransomware in use today, having netted an estimated $150 million for the group behind the malicious code. According to a recent report published by France’s national cybersecurity agency, it just got even more dangerous. Ryuk has historically been used preferentially against hospitals and […]
March 26, 2021 by Vertical Axion
Recently, researchers have discovered two new ransomware strains, dubbed “AlumniLocker” and “Humble”, both of which have very different ways of doing what they do. This highlights the ongoing development and diversification of the larger ransomware threat and underscores the fact that it will be a major cause for concern in the years ahead. Both new […]
March 24, 2021 by Vertical Axion
Most apps these days make use of cloud storage in order to minimize their footprint on your device. That’s good in theory, but based on new research from Zimperium, a disappointing percentage of app developers don’t do nearly enough to secure the data they’re housing for you. In fact, the recent study indicated that fully […]
March 22, 2021 by Vertical Axion
In late 2020, QNAP discovered a pair of critical security vulnerabilities that would allow hackers to take remote control over network attached storage devices (NAS). In this particular instance, the hackers chose not to encrypt files and demand payment or cause other mayhem. Instead, they made slaves of the devices and put them to work […]
March 20, 2021 by Vertical Axion
Macros have been a simple, effective means of spreading malware since the 1990’s, and some hackers still rely on them heavily to ensnare and infect unsuspecting users. It’s a long standing issue that many companies have attempted to address over the years. Now, it seems that it’s Microsoft’s turn at bat again. Recently, the Redmond […]
March 19, 2021 by Vertical Axion
Recently, two different security researchers (Clement Lecigne of Google’s Threat Analysis Group, and Alison Huffman from Microsoft’s Browser Vulnerability Research Group) discovered a pair of serious security vulnerability impacting Apple devices. The bugs, tracked as CVE-2021-1844 and CVE-2021-21166 respectively, are browser-based memory issues that could have allowed remote code execution if the victim navigated or […]
March 18, 2021 by Vertical Axion
There’s a mix of bad news and good in the ongoing war against the hackers of the world. For the bad news, security professionals have recently detected a sophisticated phishing campaign that makes use of SendGrid and convincing replicas of Outlook on the Web and Office 365 logins to harvest credentials. The attack works like […]
March 17, 2021 by Vertical Axion
Microsoft has been busy of late, making a raft of improvements to their email system that are designed to enhance user security. Not long ago, they added a fantastically useful feature called ‘Plus Addressing’ which allows Office 365 users to make use of an unlimited number of disposable recipient email addresses and track email sources. […]
March 15, 2021 by Vertical Axion
A few months ago, it became widely known that there was a critical security vulnerability in Accellion FTA servers. Naturally, hackers wasted no time exploiting the vulnerability, and since then, we’ve seen a few instances of high-profile data breaches traced back to that very vulnerability. Flagstar bank is the latest such victim. Recently, the company […]
March 12, 2021 by Vertical Axion
Strange things are afoot at Kia Motors America (KMA), a subsidiary of Kia Motors with more than 800 dealerships scattered across the United States. Recently the company has reported a nationwide IT outage that is impacting their mobile UVO Link apps, phone services, the company’s payment system, and a number of dealer-specific applications. If you’re […]
March 10, 2021 by Vertical Axion
Barely a week ago, Patrick Wardle announced the discovery of the first piece of malware capable of slipping past the defenses of Apple’s M1, which was considered to be among the most secure commercially available technology. Now, it seems, there are two. Researchers from Red Canary and Malwarebytes jointly discovered an insidious, stealthy malware strain […]
March 6, 2021 by Vertical Axion
Kroger, a titan in the US supermarket industry, is the latest company to fall victim to a data breach. In this case, the breach came about via a third-party service the company utilized called Accellion FTA. Hackers were able to exploit a Zero-Day vulnerability in that software and use it to steal data from vendors […]
March 5, 2021 by Vertical Axion
If you’re a Google Chrome user, then you’ve probably already used or at least seen the Password Checkup feature in action. It’s the little popup box you see when you type in a password to a website that requires a login and Chrome detects that the password has been compromised. At that point, you’ll get […]
March 4, 2021 by Vertical Axion
Hackers have found a new tool in their never-ending quest to cause trouble. They’ve begun abusing the Apps Script business application developed by Google in a bid to steal credit card and personally identifiable information. That’s significant because given Google’s dominant position on the internet, the Apps Script is widely trusted by the market. That […]
February 27, 2021 by Vertical Axion
Do you use the app “ShareIt?” It’s one of the most popular apps in the ecosystem, boasting more than a billion downloads from Google’s Play Store and nearly 2 billion downloads overall (including the Windows, iOS and MacOS ecosystems). On top of that, its original creator, Lenovo, preinstalled it on all Lenovo phones, which may […]
February 26, 2021 by Vertical Axion
Patrick Wardle is a legend in the Apple ecosystem, and one of the best independent security researchers out there. Not long ago, he sang Apple’s praises for the security of their M1 processor. More recently however, he made a rather disturbing discovery, finding malware in the wild that specifically targets the new chip. Wardle had […]
February 24, 2021 by Vertical Axion
Is your company’s website built around WordPress? It wouldn’t be much of a surprise if that were the case. 24As the most popular platform on the web, there are tens of millions of WordPress sites out there, both personal and business. One of the things that makes WordPress so attractive is that it’s insanely easy […]
February 23, 2021 by Vertical Axion
For a time, a few months ago, it seemed like the gang behind the dreaded Trickbot network and malware was on the ropes. Law enforcement had rocked the group back on its heels and confiscated or shut down large swaths of its network and it appeared that the group wasn’t long for the world. Rumors […]
February 20, 2021 by Vertical Axion
Do you use the popular Android app, “Barcode Scanner?” If so, you’re certainly not alone. The app has racked up more than 10 million downloads on Google’s Play Store and is one of the most popular apps in its class. It’s a simple, straightforward bit of code that does exactly what it sounds like it […]
February 19, 2021 by Vertical Axion
Do you feel as though you get a lot of spam mail? If so, you should know that you actually get almost a hundred times more than what you think you’re getting. However, most modern email systems (including Google’s G-mail) do a spectacular job of filtering, which keeps the vast majority of it from ever […]
February 18, 2021 by Vertical Axion
Not long ago, a critical flaw in Linux SUDO was discovered and is being tracked as CVE-2021-3156. Given the nickname “Baron Samedit,” it’s a flaw in a Unix program that allows system admins to provide root level privileges to any users listed in the “sudoers” file. More disturbing, however, is the fact that just over […]
February 17, 2021 by Vertical Axion
Google’s Project Zero security team has an impressive track record when it comes to chasing down and addressing the most critical security flaws found. They’re tireless in their work, which has saved untold billions of dollars and hampered the efforts of hackers all over the world. The team has gathered some rather shocking statistics, however, […]
