(866) 695-2175 | Experiencing an IT Emergency?
Blog
June 23, 2022 by Vertical Axion
File this away under “good news, bad news.” The bad news is that there’s a new, critical zero-day threat to be concerned about. The threat has been dubbed ‘Follina.’ It is being tracked as CVE-2022-30190 and is being described by Microsoft as an MSDT (Microsoft Windows Support Diagnostic Tool) remote code execution flaw that impacts […]
Read more »
Tagged
June 22, 2022 by Vertical Axion
Are you planning on setting up an Exchange server soon or are you running one now? If so, be aware that Microsoft is changing their guidance when it comes to the technology and specifically running a server on-premises. Two years ago, the Redmond giant announced that the next versions of their Skype for Business Server, […]
June 21, 2022 by Vertical Axion
Unless you’re an IT Security Professional, you may never have heard of EnemyBot. It is a bit like the Frankenstein of malware threats, a botnet that has borrowed code from multiple different sources. While that’s not terribly original, it does make it dangerous. The hackers behind the code are actively adding new exploits as newly […]
June 20, 2022 by Vertical Axion
If you’re deeply involved in IT security, you may already be familiar with the ERMAC Android banking trojan. If this is the first time you’re hearing of it, be aware that the hackers who authored the malicious code have recently released ERMAC 2.0, which represents a significant upgrade in capabilities from the previous iteration. ERMAC’s […]
June 18, 2022 by Vertical Axion
Are you one of the legions of users making use of the Screencastify Chrome extension? It’s a fantastic Chrome extension that allows you to almost effortlessly create screencasts for a variety of purposes. Unfortunately, the web extension also suffers from a critical security vulnerability that allows attackers to take control of a user’s webcam and […]
June 17, 2022 by Vertical Axion
Are you a Google Chrome user? If so, be aware that the company recently released a stable version of Chrome 102 and is urging all users of its browser to update right away. The latest release contains a total of 32 security fixes on Windows, Mac and Linux. Of the 32 flaws addressed, eight are […]
June 16, 2022 by Vertical Axion
Do you own a Chevrolet, Buick, GMC, or Cadillac? If so, be aware that GM recently acknowledged that they fell victim to a credential stuffing attack a little over a month ago. The attack exposed some customer information to the attackers and allowed them to redeem an undisclosed number of rewards points for gift cards. […]
June 15, 2022 by Vertical Axion
Are you a Windows 11 early adopter? If so, you’ll want to grab the latest update KB5014019. It contains several important bug fixes including fixes for Direct3D app crashing issues, slow file copying issues, and an issue with the TPM (Trusted Platform Module) driver. Some users have reported the TPM driver was dramatically increasing system […]
June 14, 2022 by Vertical Axion
A browser hijacker called “ChromeLoader” has had a large uptick in detections this month, which is raising eyebrows among security professionals. ChromeLoader can modify a victim’s web browser settings to show search results that promote unwanted (and usually spammy) software, annoying pop-up ads, fake giveaways, adult games, dating sites, surveys, and the like. As malware […]
June 13, 2022 by Vertical Axion
HTML attachments as an attack vector may seem a little old school. However, according to statistics compiled by Kaspersky Lab indicates that in 2022, that form of attack is not just simply still being employed, but hackers are making surprisingly regular use of it. The security company detected more than two million emails of this […]
June 11, 2022 by Vertical Axion
Do you own and manage a WordPress site either personally or as part of your business? Do you also use the Tatsu plugin which offers a powerful suite of in-browser editing features and has been installed by more than 100,000 users worldwide? If so, be aware that there is a serious security flaw in the […]
June 10, 2022 by Vertical Axion
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory that serves as a stark warning. If you’re using VMware products that are impacted by recently disclosed critical security flaws, either patch them immediately or remove them from your network. CISA issued the dire warning because the last time critical security flaws were discovered […]
June 9, 2022 by Vertical Axion
If you’re not familiar with the term, a Zero Day exploit is a security flaw that the software vendor is not aware of and hasn’t yet patched. In many (but not all) cases, Zero Day Vulnerabilities will also have publicly available proof-of-concept exploits before a patch becomes available. Quite often, these flaws are being actively […]
June 8, 2022 by Vertical Axion
Phishing campaigns get more effective the more closely they can imitate a trusted source. Recently, security researchers at Fortinet discovered evidence of a phishing campaign that specifically targets Microsoft Windows users and installs three different types of malware on the systems it manages to infect. Among other things, this campaign gives the hackers behind it […]
June 7, 2022 by Vertical Axion
Security researchers employed by Microsoft have recently spotted a variant of the Sysrv botnet. They have dubbed the new variant Sysrv-K. This new variant works in two ways. First, it exploits a flaw in the Spring Cloud Gateway that allows remote code execution (tracked as CVE-2022-22947). Second, the botnet scans the web for WordPress plugins […]
June 6, 2022 by Vertical Axion
HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company. In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being tracked as CVE-2021-3808 and CVE-2021-3809 […]
June 4, 2022 by Vertical Axion
Do you use a Zyxel firewall? If so, there’s good news. The company has fixed an issue you may not have even been aware that you had. The company pushed out the fix in a silent update a little over two weeks ago, but when they implemented the push, they didn’t provide many details about […]
June 3, 2022 by Vertical Axion
It is the end of an era. Apple recently announced that they were discontinuing the legendary iPod, which is now in its 7th generation of production. When first released more than fifteen years ago, the iPod was an instant smash hit that almost singlehandedly created the digital music industry, moving it from the shadowy frontier […]
June 2, 2022 by Vertical Axion
If you’re a member of the Windows Insiders group, then you are likely already aware of this. If not, here’s something else to look forward to when Windows 11 is formally released. Microsoft has been experimenting with a new “Suggested Actions” feature when you copy data onto your clipboard. It all begins with Windows 11 […]
June 1, 2022 by Vertical Axion
At least one group of hackers has learned a new trick you need to be aware of. Security researchers at Kapersky Lab have discovered a malicious campaign-in-progress that is using event logs to store malware. That is a technique that has not been seen or documented until now. This new methodology is designed for maximum […]
May 31, 2022 by Vertical Axion
The name Kevin Beaumont may not be familiar to you, but if you’re a Linux or Solaris user, he may have just saved you a whole lot of grief. Recently, Mr. Beaumont discovered a stealthy backdoor malware that has been quietly infecting Linux and Solaris SPARC systems for more than five years. BPFdoor only parses […]
May 30, 2022 by Vertical Axion
Hackers around the world are increasingly targeting verified Twitter accounts with emails designed to pilfer your Twitter login credentials. Verified Twitter accounts differ from standard Twitter accounts in that they sport a large blue check mark next to the user’s name, which indicates that the person who owns the account is someone of considerable influence […]
May 28, 2022 by Vertical Axion
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the broader public unless their demands […]
May 27, 2022 by Vertical Axion
Google SMTP relay service is wildly popular and used every day by legions of users. Unfortunately, hackers around the world are aware of this and increasingly they’ve begun abusing the SMTP relay service. The basic idea is as follows. Some clever hackers have figured out that they can bypass email security products and deliver malicious […]
