DecryptedTech

Saturday01 April 2023

Subscribe to this RSS feed

Security Talk (124)

News, and Disucssions centered on Security

Another Day, Another Cloud Storage Campaign from the Molerats APT TA402

Posted on Monday, 24 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Another Day, Another Cloud Storage Campaign from the Molerats APT TA402
Dropbox, Google Docs and other cloud storage services are great tools for collaboration and to ensure that your files are kept, relatively, safe. These services can also be used by attackers with the right setup and files. The APT group…
Read 654 times
Be the first to comment!
Read more...

Emotet Leveraging Excel 4.0 Macros and Unconventional IP Addressing

Posted on Monday, 24 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Emotet Leveraging Excel 4.0 Macros and Unconventional IP Addressing
In a list of things that should be killed with fire, Excel 4.0 Macros are high up. However, the fat that Spamming “services” like Emotet are still using Excel 4.0 Macros tells me that some are not getting the hint.…
Read 884 times
Be the first to comment!
Read more...

Dark Souls has a Serious Remote Code Execution Bug During Online Play

Posted on Sunday, 23 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Dark Souls has a Serious Remote Code Execution Bug During Online Play
Online gaming is pretty much the way game developers want to go these days. However, online modes come with risks. With Arner Bros. Games it was Back 4 Blood’s online only progression created such a massive backlash they had to…
Read 1031 times
Be the first to comment!
Read more...

More Than a Month After Being Hit by Ransomware Kronos is Still Down

Posted on Friday, 21 January 2022 in Security Talk
Written by
Rate this item
(2 votes)
More Than a Month After Being Hit by Ransomware Kronos is Still Down
The Ultimate Kronos Group was the target of a Ransomware attack in Late 2021 coincidentally at the same time the Log4Shell vulnerability was disclosed. Kronos has not disclosed how the ransomware got into their environment, nor has it been revealed…
Read 2268 times
Be the first to comment!
Read more...

MoonBounce UEFI Malware linked to APT41 by Kaspersky Researchers

Posted on Friday, 21 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
MoonBounce UEFI Malware linked to APT41 by Kaspersky Researchers
APT group 41 also known as Winnti has been tied to a wonderful new piece of malware that does not infect your operating system, but the UEFI firmware on your device. The malware in question has been dubbed MoonBounce by…
Read 599 times
Be the first to comment!
Read more...

Cloud vendors and the security tax

Posted on Thursday, 20 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Cloud vendors and the security tax
SaaS is the de facto way of doing business for the SMB (and even for the enterprise). The costs of building your own infrastructure and maintaining it are just too high for most. Instead, it is easier and more cost…
Read 582 times
Be the first to comment!
Read more...

Microsoft Looks to Add Enhanced Zero-Day Protection to Edge

Posted on Tuesday, 18 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Microsoft Looks to Add Enhanced Zero-Day Protection to Edge
The current threat landscape has user account compromise and endpoint takeover as the most common first acts in a security event. The methods used to accomplish this are varied but include such blockbusters as poisoned websites and URLs embedded in…
Read 875 times
Be the first to comment!
Read more...

Apple IndexedDB API Same-Origin Flaw Exposes User Browsing Information

Posted on Tuesday, 18 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Apple IndexedDB API Same-Origin Flaw Exposes User Browsing Information
Remember the days when browsing the internet was simple, all you had to worry about was clearing your cookies and browser history and you were fine. Ok, so it was never truly that simple, but you get my point. Now…
Read 896 times
Be the first to comment!
Read more...

Reports of Stalking Via Apple Airtags

Posted on Monday, 17 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
Reports of Stalking Via Apple Airtags
It seems that Apple may have an issue with their AirTags, the small tracking devices that use the Apple device network to help you find items that you have put trackers on. They are similar although much more effective than…
Read 522 times
Be the first to comment!
Read more...

Security and the Small Business Owner

Posted on Monday, 17 January 2022 in Security Talk
Written by
Rate this item
(1 Vote)
Security and the Small Business Owner
“InfoSec” is a term that is most often associated with the enterprise class organization. However, information security is something that every business should be practicing. As we have talked about before the importance of building a security culture in even…
Read 517 times
Be the first to comment!
Read more...

Secure Infrastructure in the distributed workplace Featured

Posted on Thursday, 13 January 2022 in Security Talk
Written by
Rate this item
(1 Vote)
Secure Infrastructure in the distributed workplace
There was a time when the thought of secure infrastructure would bring items like properly configured IDS/IPS, Firewalls, Switches and Routers with hefty ACLs and 802.1x to mind. However, after Covid and even a bit before the traditional walled layout…
Read 536 times
Be the first to comment!
Read more...

All-in Vulnerability and Risk Management Featured

Posted on Thursday, 13 January 2022 in Security Talk
Written by
Rate this item
(0 votes)
All-in Vulnerability and Risk Management
It is a common belief that vulnerability management is nothing more than scanning and patching. However, as we have seen in many breaches and attacks, this is far from true. Vulnerability management is about understanding your organization and the risks…
Read 539 times
Be the first to comment!
Read more...

Page 8 of 8