Tuesday, September 15, 2020

Apple Product reveal day is today, Windows Server severe bug patch, Emotet and Hackers on the rise.

It's a big day in the tech world, with Apple's annual new-device release event set for today. Expect the new Apple Watch 6 and iPad Air to take center stage. But first, let's deal with a huge security issue.

"Unbeknownst to many, last month Microsoft patched one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks."

If your organization runs Windows Server, there is an update that it is imperative your IT support techs apply to your servers. A flaw in the Netlogon authentication process allows an attacker to exploit the cryptographic algorithm used to verify the identity of a computer on a domain network.

The update has been available since Patch Tuesday of August 2020. It is tracked as CVE-2020-1472, and if your server is behind on updates then you are vulnerable. The flaw has received a severity rating of 10. The details are only coming out now, more than a month after the update was released, because the vulnerability was too dangerous to make public.

"But in a blog post today, the team at Secura B.V., a Dutch security firm, has finally lifted the veil from this mysterious bug and published a technical report describing CVE-2020-1472 in greater depth.

And per the report, the bug is truly worthy of its 10/10 CVSSv3 severity score."

For more info, please follow this link.

https://www.zdnet.com/article/zerologon-attack-lets-hackers-take-over-enterprise-networks/?ftag=TREc64629f&bhid=2219791&mid=13047656&cid=716603217

Apple Event. Because of COVID-19, the 2020 Apple event will be held virtually at 10 a.m. PDT from Apple Park.

You can add the event to your calendar and obtain a link to the event by going to:

https://www.apple.com/apple-events/

For insight into the new products and features, please visit the links below.

https://9to5mac.com/2020/09/14/apple-september-event-what-to-expect/

https://9to5mac.com/2020/09/14/heres-how-apples-fall-2020-ipad-ipad-air-and-iphone-12-features-will-compare/


COVID cybercrime: 10 disturbing statistics to keep you awake tonight

Not everyone has been sidelined by the coronavirus. Hackers are out in force trying to steal your info, your credentials and, ultimately, your finances. 9 out of 10 coronavirus-related domains are scams, and half a million Zoom accounts have been compromised and are available on the Dark Web.

With so many new remote workers, there has been a huge increase in desktop connections using RDP (Remote Desktop Protocol), which has created a huge number of new targets for the bad guys. The speed at which all these new connections have been created has led to mistakes in implementation, and many remote devices are not secured. This has led to a 400% increase in brute-force attacks.

In addition, email scams related to COVID-19 were up 667% in March 2020 alone.

The following is amazing to me, but with so many people getting their news from social media, I guess I shouldn't be surprised:

In a test performed in late March, researchers found that users are three times more likely to click on a phishing link and then enter their credentials than they were pre-COVID. Of course, it doesn't hurt that those phishing emails often used words like "COVID" or "coronavirus," "masks," "test," "quarantine" and "vaccine."

Be careful. For more details, follow the link below.

https://www.zdnet.com/article/ten-disturbing-coronavirus-related-cybercrime-statistics-to-keep-you-awake-tonight/?ftag=TRE-03-10aaa6b&bhid=27630927001468733386426006914379&mid=13046731&cid=1862926557
