In a bizarre sequence of events, after the CRM software company Zoho was taken offline by their domain registrar, they posted to Twitter asking for help getting their service back up and running again. When Zoho customer's contacted TierraNet, they were told the CRM service was taken down due to phishing violations.
At today's Ignite 2018 conference, Microsoft announced a new end-to-end security solution called Microsoft Threat Protection. Microsoft Threat Protection is designed to provide a view of an organization's overall threat landscape so that administrators can easily spot new threats and attacks.
To protect against embarrassing situations while in video meetings, Microsoft introduced a feature called Background blur in Microsoft Teams. This AI driven feature will use facial recognition to automatically blur out your background while in a video meeting using Teams.
With the release of Chrome 69, it was discovered that when you log into your Google account, or any Google service for that matter, you will also be automatically logged into Chrome whether you want to or not.
Western Digital has just released an hotfix firmware update to resolve the authentication bypass vulnerability (CVE-2018-17153) that had remained unpatched for over a year. This vulnerability allowed anyone to bypass authentication and get administrative access to the router.
This has been a busy week. We had a brewery hit, an airport's flight and arrival time displays taken out, and Dharma deciding to release three different variants in one week. The NSA CodeBreaker Challenge was also kicked off today and it has a ransomware theme this year.
This week we have seen three new Dharma Ransomware variants released that append either the .Gamma, .Bkp, & .Monro extensions to encrypted files.
Attackers are using freelance job sites such as fiverr and Freelancer to distribute malware disguised as job offers. These job offers contain attachments that pretends to be the job brief, but are actually installers for keyloggers such as Agent Tesla or Remote Access Trojan (RATs).
In an alert on Twitter, the social network is alerting users that for over a year, their direct messages and private tweets may have been sent to Twitter developers by mistake.
A zero day vulnerability in the Microsoft Windows Jet Database Engine has been disclosed by TrendMicro's Zero Day Initiative even though a security update is not currently available from Microsoft.
Google really wants to get rid of the WWW subdomain. First we had Google removing WWW in the Chrome 69 address bar and now there is some test underway to remove it from search results as well.
NSS Labs has filed an anti-trust law suit against CrowdStrike, Symantec, ESET, and the Anti-Malware Testing Standards Organization (AMTSO) over an alleged conspiracy to prevent independent testing companies from performing unbiased reviews of security software.
Last week Adobe released fixed 6 critical updates in their September 2018 monthly Patch Tuesday. It looks like they missed one, as Adobe released today an out-of-band security update for a critical vulnerability in Adobe Acrobat and Adobe Reader.
The malicious credit card stealing MageCart script behind the British Airlines and Feedify breaches have struck again, but this time against the Newegg online technology retailer.