Your weekly top 5 technical and security issues Nerds should pay attention to: CallStranger vulnerability lets attacks bypass security systems and scan LANs. CallStranger is a good reminder that we usually don\’t need uPnP in business. Test yours at ShieldsUp. The apropos-named and patented Don\’t Talk To Strangers (DTTS) allows uPnP to be enabled without the CallStranger risk.
Your weekly top 5 technical and security issues Nerds should pay attention to: The Impending Doom of Expiring Root CAs and Legacy Clients. If you think forgetting to renew a domain is painful, wait till you see what’s in store for the masses when a 20 or 25-year old self-signed root Certificate Authority expires. Major
Your weekly top 5 technical and security issues Nerds should pay attention to: Zero-day in Sign in with Apple. Glad this is fixed, glad Apple paid out $100,000 to a responsible researcher, but this is a good lesson in slow adoption of anything new that claims security at the outset. Cisco security breach hits corporate
Your weekly top 5 technical and security issues Nerds should pay attention to: The Nigerian fraudsters ripping off the unemployment system. \”Scattered Canary\” group is scamming vital benefits programs amid the pandemic. Not just America. Affects Canadians as well, so we need to all be on alert, whether or not you are employed. GrayKey iPhone
Your weekly top 5 technical and security issues Nerds should pay attention to: FBI, DHS to go public with suspected North Korean hacking tools. This details activity from Hidden Cobra hackers and will benefit blue teams and defenders everywhere. Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently. Stick
Your weekly top 5 technical and security issues Nerds should pay attention to: Zoom acquires Keybase to get end-to-end encryption expertise. Seems like a talent-acquisition/acqui-hire only by the accounts of Keybase. If so, sad for Keybase fans. Samsung patches 0-click vulnerability impacting all smartphones sold since 2014. This is significant. Anyone you love with a
Your weekly top 5 technical and security issues Nerds should pay attention to: Attackers exploit 0-day code-execution flaw in the Sophos firewall. Such a critical lesson in this for *us* is to never have webadmin publicly exposed. Google Play has been spreading advanced Android malware for years. Advanced hacker group seeded market with at least
Your weekly top 5 technical and security issues Nerds should pay attention to: Hackers target oil producers as they struggle with a record glut of crude. Ministers plan to give more UK public bodies power to access phone data. Meanwhile, during the same week, Israel halts police phone tracking over privacy concerns. A single line of
Your weekly top 5 technical and security issues Nerds should pay attention to: Microsoft April 2020 Patch Tuesday fixes 3 zero-days, 15 critical flaws. For SecurityNow listeners, you already knew about a number of these over a week ago, and hopefully applied mitigation techniques. Ring 0 of fire: Does Riot Games’ new anti-cheat measure go
Your weekly top 5 technical and security issues Nerds should pay attention to: PayPal and Venmo Are Letting SIM Swappers Hijack Accounts. Use better MFA or use virtual numbers for SMS that aren’t hijackable. Apple and Google are launching a joint COVID-19 tracing tool for iOS and Android. Very interesting read and take and again
COVID-19 is hitting businesses hard. Many have been forced to scale back on employees and services. In a situation like this, we know how important your critical IT functions are to supporting your team while they work from home. Nerds On Site is open and ready with the Supplemental IT Services you need to equip
Hi Everyone, We hope this finds you well. We’re all of us in the middle of a fast & sweeping whirlwind. New health & safety measures are announced from our local and national governments daily – and sometimes hourly – to deal with COVID-19 (Coronavirus). As we each try to understand how it will affect
Your weekly top 5 technical and security issues Nerds should pay attention to: Google offers and NSO group pitches to provide governments Coronavirus surveillance data. Privacy advocates are concerned. Android users, in particular, should be aware. This is not about whether you agree with stay-at-home or not, but how this will set the stage for our collective post-corona
Your weekly top 5 technical and security issues Nerds should pay attention to: Windows code-execution zeroday is under active exploit, Microsoft warns. Note the mitigations available. Cybersecurity experts come together to fight coronavirus-related hacking. Good info published which we can use to protect clients better. HHS.gov Open Redirect Used by Coronavirus Phishing to Spread Malware.
Your weekly top 5 technical and security issues you should pay attention to: Shadowserver, a critical internet safeguard, is running out of time and money. The work they do in conjunction with network operators, security researchers, law enforcement, and technology vendors is a mainstay of internet security work today. Google\’s Advanced Protection program for high-risk
Your weekly top 5 technical and security issues you should pay attention to: Wormable SMBv3 security risk in Windows. Out-of-cycle patch released by Microsoft. Super critical to patch. Necurs Botnet gets taken down along with over 6 MILLION malicious domains! 40 Million victims to-date. Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data. Surprise
Your weekly top 5 technical and security issues you should pay attention to: Kr00k is a new WiFi vulnerability affecting over 1 Billion devices. Great coverage on Security Now Episode 756. Wireguard is Arthur\’s favourite new VPN. Not their service, but the protocol which you can run on your own infrastructure. An Android Security App
Your weekly top 5 technical and security issues you should pay attention to: Firefox now defaults to DNS-over-HTTPS (DoH) in the US for new installs. Huge implications including user-unintentional security *bypass* for any security layers in companies that rely on DNS-based filtering. Sophos privatized (now completed) by Thoma Bravo. $3.8Billion acquisition. Apple uses its industry
Your weekly top 5 technical and security issues you should pay attention to: Nasty Android malware reinfects its targets, and no one knows how. Makes me wonder, are Android phones really cheaper in TCO calculations? Fraud Case in Charleston, S.C., Shines Light on Web\’s Dark Corners. Interesting what happens when IP (IPv4) addresses are in
Your weekly top 5 technical and security issues you should pay attention to: Escaping the Chrome Sandbox with RIDL. Attacks only get more sophisticated. There\’s finally a way to remove xHelper, the unremovable Android malware. Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Promiscuous Cookies and Their Impending
Your weekly top 5 technical and security issues Nerds should pay attention to: 5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras. Patch patch patch. Facebook\’s Twitter, Instagram Accounts Hacked. Always be careful with third party access! Signed hardware drivers used in order to delete security products. Always do security in layers.
Your weekly top 5 technical and security issues Nerds should pay attention to: Researcher Finds Over 60 Vulnerabilities in Physical Security Systems. Most of our favourite vendors are on that list. Sharepoint 2007 exploited in the wild, CVE-2019-0604 (Microsoft link). Hackers love .XYZ domains. Microsoft Leaves 250M Customer Service Records Open to the Web.Tomato Routers under attack. I wouldn\’t be
Your weekly top 5 \”What the heck?\” technical and security issues Nerds should pay attention to: BlueKeep use keeps growing in cryptocurrency mining and reverse shells. Windows 7 users vulnerable in IE and may never be fixed for out-of-support licenses. Endpoint Security (TrendMicro) zero-day was used to hack Mitsubishi. Microsoft Edge (Chromium-based) is out (even for macOS) and may
Operating a business guarantees that you are vulnerable to a cyber attack, putting you at risk of a costly data breach. This year alone, 43% of data breach victims were small businesses, discovered by the 2019 Verizon Data Breach Investigations Report. Some of the most common types of cyber attacks involve hacking, malware, phishing, and
Your business’s security is only as good as the passwords protecting it. If your company practices poor password hygiene, it’s easy for attackers to gain access to sensitive information, data, and even finances. Creating strong, unique passwords is necessary for every account (business or personal) you set up. Using insecure passwords (like “password”) or using
Every business faces the threat of cyber attacks. If you think your business is too small or doesn’t have valuable enough data for the bad guys to go after, think again. Everyone is a target. There is no single solution to protect your company from every potential threat to your systems and networks, but the
[vc_row][vc_column][vc_column_text] We hear a lot of talk today about the “Dark Web”. Stories abound about the nefarious goings-on and the sinister entities behind them. But what is the dark web, exactly? Who uses it? How does it affect you? And is it all bad? What Is The Dark Web? The dark web is a hidden
As your company grows, there is no doubt you will need a dedicated IT professional to oversee and manage your technology. Efficient use of time and proper protection of company data are essential for success, so hiring the right IT personnel to keep things running trouble-free is critical. A good IT professional doesn’t just fix
Hard drive crashes happen all the time. More than just being frustrating, they can bring your business to a standstill and cost you valuable time and money trying to retrieve lost files and business data. Hopefully, your most important data and files are safely backed up somewhere. If not, recovery can be difficult—but not necessarily
A slow computer can hurt your business’ bottom line—the minutes spent waiting for the computer to do what it needs to do add up to hours (or even days) each month of unproductive time. Plus, the frustration of these computer issues can add unnecessary stress to your workday, which isn’t ideal when there are other
Call our local computer support specialists.
We’re a full service IT company.
NEED A LOCAL NERD NOW?
Click on the button below and all the nerds in your area will be instantly alerted on their phones with all of your details.