DecryptedTech DecryptedTech DecryptedTech DecryptedTech

From The Blog

Recent Comments

Most Read

Thursday, 17 February 2022 10:20

Trickbot Evolves as The Developers Target Customers of Multiple Financial Institutions

Written by
Trickbot Evolves as The Developers Target Customers of Multiple Financial Institutions

Researchers have identified Trickbot in use in campaigns targeting several financial institutions. These groups along with a few tech companies thrown in a predominantly in the US and appear to be using an evolved version of the malware to get in and avoid detection by legacy anti-malware (signature based). It is usually part of a targeted spearphishing campaign where poisoned office documents are either contain links to malicious websites or can contain HTA code to execute a PowerShell command to download the second stage of the malware.

Read 1041 times
Published in Security Talk
Be the first to comment!
Read more...
Thursday, 17 February 2022 08:14

Joint Advisory from the NSA, FBI and CISA Warns of Long-Term Attack by State Actors with Little Detail.

Written by
Joint Advisory from the NSA, FBI and CISA Warns of Long-Term Attack by State Actors with Little Detail.

Life would not be the same without new popping up that one state level threat actor or another was attacking and compromising US defense contractors or other businesses linked to US national security and defense. The counties of origin for these actors become a blur over time, although you do see some highlighted depending on current political trends. The two most often bandied about are Russia and China with North Korea getting an honorable mention.

Read 832 times
Published in Security Talk
Be the first to comment!
Read more...
Wednesday, 16 February 2022 13:45

After Apple Unveils Privacy Features that Block Meta Tracking, Google Says they Can Do it Too

Written by
After Apple Unveils Privacy Features that Block Meta Tracking, Google Says they Can Do it Too

A couple of weeks ago Meta, Facebook’s parent company, announced that they were losing money (to the tune of $10 Billion) due to changes in the way Apple mobile devices handle user tracking by apps. The move by Apple was a bit of a surprise considering some of Apple’s history, but when you consider that Apple and Meta will probably be VR competitors it was not that much of one. The announcement also caused many to wonder if Google would follow suit.

Read 1340 times
Published in Security Talk
Be the first to comment!
Read more...
Wednesday, 16 February 2022 12:57

Is Firefox Going away and Taking Privacy Options with It?

Written by
Is Firefox Going away and Taking Privacy Options with It?

Firefox was once one of the leading “alternative” browsers on the internet. After the death of Netscape Firefox came along and offered people an alternative to the building Windows Internet Explorer and even to Safari on macOS. This trend continued into the mobile arena, at least until Google launched the Chrome Browser. Although Chrome had a bit of a rocky start (with clear indications of data collection), it has grown in popularity and gobble up about 64% of the browsing on the internet.

Read 1489 times
Published in Security Talk
Be the first to comment!
Read more...
Wednesday, 16 February 2022 08:13

Apache Cassandra Database Manager Patches an RCE Vulnerability

Written by
Apache Cassandra Database Manager Patches an RCE Vulnerability

Apache and their open-source tools have gotten a lot of press lately. After the Lgo4Shell vulnerability in their Log4J tool, and the massive response from vendors and security organizations we are now learning that researchers have discovered a remote code execution flaw in the NoSQL database management tool Cassandra. This time, unlike Log4J flaw the disclosure comes with a patch already available for installation.

Read 1327 times
Published in Security Talk
Be the first to comment!
Read more...
Wednesday, 16 February 2022 06:31

Meta Settles 2012 Data Privacy Lawsuit to the Tune of $90 Million.

Written by
Meta Settles 2012 Data Privacy Lawsuit to the Tune of $90 Million.

Meta (Facebook) has a long history of privacy and other abuses of the platform they control. We have seen everything from abusing facial recognition technology to tracking users’ internet history after existing the platform. These types of abuses are concerning for both obvious and not so obvious reasons. On the surface the collection of personal information outside of actual platform use by Facebook is not a good thing, but when you also roll in the fact that large tech groups like Facebook also share information with government agencies freely and without recourse it makes the problem larger.

Read 973 times
Published in In Other News
Be the first to comment!
Read more...
Tuesday, 15 February 2022 14:30

Google Patches the First Zero-Day in Chrome for 2022

Written by
Google Patches the First Zero-Day in Chrome for 2022

Google has announced the release of a new version of Chrome. The new version comes with fixes for eight vulnerabilities. Once of these vulnerabilities CVE-2022-0609, which is describes as a user-after-free vulnerability is already being exploited in the wild. This has led them to advise users to updated Chrome as soon as possible to avoid compromise. The flaws were found by Google’s own Threat Analysis Group.

Read 1414 times
Published in Security Talk
Be the first to comment!
Read more...
Tuesday, 15 February 2022 07:32

CIA Found to have Run Bulk Data Collection Program that May Have Mishandled US Citizen Data.

Written by
CIA Found to have Run Bulk Data Collection Program that May Have Mishandled US Citizen Data.

On December 4th, 1981, then President Ronald Regan signed Executive Order 12333. This Order, further amended by EO13284 in 2003, 13355(2004) and 13470(2008), is what grants and governs the collection of intelligence by Federal agencies. These agencies include the NSA, the CIA and to a lesser extent the FBI and Department of Homeland Security. The collection of information includes what is often referred to as signal intelligence. This type of intelligence if the collection of any information that is transmitted via electronic means. This wonderful blanket definition has been the basis of many borderline illegal data collection programs and a few outright illegal ones.

Read 956 times
Published in In Other News
Be the first to comment!
Read more...
Monday, 14 February 2022 12:07

Network Management Software from Moxa Has Five Critical Bugs that Could Allow for an RCE Attack

Written by
Network Management Software from Moxa Has Five Critical Bugs that Could Allow for an RCE Attack

Management and a monitoring software are ubiquitous in the IT operation industry. They are force multipliers that allow for what are usually small teams to manage a large number of assets. By design they need to have elevated permission to accomplish their intended tasks. The problem is that these permissions also make them targets for attackers. This means that developers of these tools need to take extra steps to ensure that they are not vulnerable to attack or become the thing that compromises a network.

Read 906 times
Published in Security Talk
Be the first to comment!
Read more...
Monday, 14 February 2022 09:34

Cisco looking to Buy a Coner of the Market, makes a $20 Billion Buy Attempt of Splunk

Written by
Cisco looking to Buy a Coner of the Market, makes a $20 Billion Buy Attempt of Splunk

According to reports form the Wallstreet Journal, Cisco has attempted to take over Splunk for more than $20 Billion. The acquisition would be the largest in Cisco’s history by far. Cisco has a history of buying technology companies and integrating them into their product suite. The aftereffects of these purchases are not always ideal from a consumer perspective. Although though an offer has been made the two companies are not in active talks.

Read 1255 times
Published in In Other News
Be the first to comment!
Read more...

Follow Us

  • Follow Us

    Follow DecryptedTech on Social Media

    facebook twitter linkedin