Insights

Threat Modeling – Do You Need It?

Threat modeling is a discipline that may be viewed as too time consuming or not necessary. This Insight explains why it is an essential practice for keeping your company and all its information cyber safe. 

Threat modeling is necessary


Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation

A bug in Windows allows attackers to escalate privileges up to the full system level.  Microsoft has issued a patch. It needs to be installed as soon as possible.  

New MS privilege escalation bug


FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults

Cybercriminals are stealing pictures from the internet, of children and adults. They use AI to modify them to show the subjects in sexually explicit ways and then threaten to post them if you don’t pay them. 

Stolen and altered photos used for ransom


Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

People are always looking for a bargain. Here the lure is free popular apps. But what you really get is an Adware infection.  

 

Fake free apps deliver malware

 


Verizon DBIR: Social Engineering Breaches Double, Leading to Spiraling Ransomware Costs

People are the cause of a high percentage of breaches. Social engineering is the way it happens. This report shows that the increase in people falling for social engineering results in higher ransomware costs. 

 

People cause higher ransoms


Why OBC’s Approach will Keep You Safer

There are many sources of information on your cyber risks. But we believe that the only effective approach to cyber is both comprehensive and simply delivered. Displayed in an easy to read dashboard and delivered the way you want.

 

OBC can keep you safer


421M Spyware Apps Downloaded Through Google Play

Google works to keep malware out of the apps in Google Play. But clever criminals found a way past the protections allowing over 420,000,000 downloads of the malware.   

 

Malware slipped into Google Play


Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace

Google Drives are used by many as a free way to share documents and more. But a newly discovered vulnerability allows cybercriminals to steal your information and leave no trace. 

 

Google Drive data can be stolen with no trace


Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security

Fingerprints are used by some devices in place of a username and password. But now another way to compromise them has been discovered. It allows an unlimited number of tries to gain acceptance bypassing the limit built into the software on Android and iPhones. 

 

Fingerprint scanners not secure


Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

Pi is a popular computer language used by many companies making it a favorite target of attackers. Now a new vulnerability is being exploited that allows the attack to evade detection. 

 

More Pi malware