Category: Uncategorized

Are you backing up your Office 365? (Probably not)

By: Kaleb Brown When purchasing Office 365, you’ve probably been under the impression that your information is safe and secure. You pay a monthly (or annual) fee for this service and you’ve never noticed anything missing so is it safe to assume it is being backed up? Short answer – No. In the case that […]

The home security system that can be hacked with your email address

By: Paul Ducklin A researcher at vulnerability and red-team company Rapid7 recently uncovered a pair of risky security bugs in a digital home security product. The first bug, reported back in May 2021 and dubbed CVE-2021-39276, means that an attacker who knows the email address against which you registered your product can effectively use your […]

Cybersecurity and Infrastructure Security Agency Advisory

By: Brooke Baggett An advisory has been issued this week by the FBI and CISA (Cybersecurity and Infrastructure Security Agency). This advisory (link provided below) is not the result of a direct cyber threat, rather it reminds and warns us about the increased potential for ransomware attacks during holiday weekends. This advisory provides a list […]

T-Mobile CEO: Hacker brute-forced his way through our network

By Sergiu Gatlan Today, T-Mobile’s CEO Mike Sievert said that the hacker behind the carrier’s latest massive data breach brute forced his way through T-Mobile’s network after gaining access to testing environments. The attacker could not exfiltrate customer financial information, credit card information, debit or other payment information during the incident. However, T-Mobile says that he stole records […]

T-Mobile says hackers stole records belonging to 48.6 million individuals

By Sergiu Gatlan T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of tens of millions of individuals. The massive breach impacts roughly 7.8 million T-Mobile postpaid customers, 850,000 T-Mobile prepaid users, and approximately 40 million former or prospective ones. Adding it all up, the attackers stole records belonging […]

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now

By Lawrence Abrams Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. Before we get to the active scanning of these vulnerabilities, it is important to understand how they have been disclosed. ProxyShell is the name for three vulnerabilities that perform […]

Windows “PetitPotam” network attack – how to protect against it

by Paul Ducklin French researcher Gilles Lionel, who goes by @topotam77, recently published proof-of-concept code that attackers could use to take over a Windows network. The hack, which he has dubbed PetitPotam (which is a nod to the endangered Pygmy Hippopotamus, as far as we can tell), involves what’s known as an NTLM relay attack, […]

To Pay or Not to Pay?

By: Greg Hayman, Kaleb Brown, and David Watson Computer Networks for Businesses continue to be under fire. They’re being attacked by old and new Cyber Threats. The question is whether you should protect your network against Cyber Attacks or just deal with it WHEN it happens. Just this week, Our IT Department met with the […]

Kaseya patches VSA vulnerabilities used in REvil ransomware attack

By Lawrence Abrams Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers. Kaseya VSA is a remote management and monitoring solution commonly used by managed service providers to support their customers. MSPs can deploy VSA on-premise using their servers or utilize […]