February Patch Tuesday: Hackers Say Hello

Telegram Messenger Exploited Again Back in March 2017 we saw “Secure” WhatsApp and Telegram messenger applications being exploited by the user receiving a seemingly harmless image file which actually hosts malicious HTML code. This code directs them to a webpage specifically crafted to harvest personal data from the user device and hijack their accounts. Today…

ManageEngine Exploited: Zero-Day Flaws Revealed

3 of 5 Fortune 500 Companies Exposed to ManageEngine Zero-Day Vulnerabilities ManageEngine has multiple zero-day vulnerabilities, leaving their applications open to major exploitation. The research group Digital Defense released a post stating “[We are] disclosing multiple vulnerabilities identified on various ManageEngine applications discovered by our Vulnerability Research Team (VRT).” What we know is that ServiceDesk Plus,…

Internet of Threats: Third-Party Patch Update

Managing the Risks of IoT Our definition of a necessary third-party patch is about to get much broader. With more IoT devices connecting to your network, it becomes mandatory to know what’s out there. Back in May 2017, an 11-year old boy took the stage and showed that cybersecurity is about to get much more difficult.…

“Insane Garbage” Patches Disrupt Devices

Intel Warns of Faulty Meltdown and Spectre Patches If you thought the Meltdown and Spectre threat had passed, Intel has some bad news: don’t install their updates! In a statement released by Intel, their EVP Neil Shenoy stated: “We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment…they may…

Intel AMT Laptop Hack

Hacked Within a Minute Intel is dominating the cybersecurity headlines again for the wrong reasons. F-Secure, a Finnish based cybersecurity firm, has reported their researchers discovered an easy manipulation of Intel Active Management Technology, or AMT, which bypasses the login processes. This behavior bug could allow anyone with physical access to your laptop to set…

January Patch Tuesday: Spectre Patch Challenges

Patch Priorities and Dealing with Spectre Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This has been widely breaking the news over the past week known as Spectre. Should this be your number one priority? Robert Brown,…

CPU Meltdown: Emergency Patching For Every Device

Protect Yourself from the Worldwide ‘Meltdown’ Reports across the internet are confirming that every CPU since 1995, whether it’s Intel, AMD, ARM, or other, has a major security flaw. According to Google’s Project Zero, and admissions by the CPU’s own manufactures, there is an issue with how chips handle speculative execution, allowing access to passwords…

2018: Year of the IoT Hackers

What’s Coming in 2018? As we reflect on 2017 and the massive amount of high-profile security breaches from the past year, we ask ‘what could 2018 possibly bring’? This year we’ve had Equifax compromised, TeamViewer exploited, BitPaymer disrupting, and the worldwide-felt WannaCry attack. 2017 was a year of escalating ransomware and cybercrime. But 2018 will…