How often do we download apps? Do we know what private information we’re allowing the app to collect or access?
Cyberattack Costs for US Businesses up by 80%
Published Sep 23 2022 3:09 PM
The costs of a breach continue to climb demonstrating the need for better cybersecurity. Tools are an essential part of that protection. But breaches have shown they won’t catch everything. OneBrightlyCyber adds services that combined with tools significantly enhances protections.
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
Published Sep 23 2022 3:07 PM
Zoho ManageEngine is a widely used software package. A recently discovered flaw allowing remote execution of any code and rated at 9.8 out of 10 for seriousness by CISA is being exploited. Zoho addressed the issue by removing the risky components. Clients need to install the patch as soon as possible.
Morgan Stanley fined millions for selling off devices full of customer PII
Published Sep 23 2022 3:01 PM
Financial Services companies have some of the strictest regulations for protecting private information. And they assure us they do. Yet Morgan Stanley sold thousands of devices full of client PII. Yet, they didn’t follow up to make sure the devices were securely wiped or destroyed as required.
The root certificate is what allows a device, computer, phone, router, firewall, medical or industrial device, really anything to communicate with other devices. It does this by confirming who it says it is creating the trust necessary for devices to communicate.
Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack
Published Sep 9 2022 9:44 AM
Masquerading as a desktop version of the popular Google Translate app, this attack downloads malware that hides before activating to download crypto mining software that turns the compromised machine into a bot used for mining crypto currency.
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks
Published Sep 9 2022 9:39 AM
This is a newly discovered means of creating ServHelper backdoor attacks. Backdoor attacks are especially devious. This one circumvents authentication tools and remains persistent meaning that attempts to remove it fail or it reinstalls itself.