Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

MGM Guests Exposed Online

Sorry about the clickbait, but it's actually worse than it sounds.
https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/
1
LVL 16

Expert Comment

by:Martin Nguyen
Read this last night. "Oh we didn't lose any CC info" to try to brush over the fact that names, addresses, birthdays, and phone numbers were exposed. Absolutely wild!
0
0
0
Misconfigurations are unfortunately a common error across the industry. We have solutions to help prevent this kind of mistake, but unfortunately, they were not enabled for this database. As we’ve learned, it is good to periodically review your own configurations and ensure you are taking advantage of all protections available
.
...says Microsoft after admitting a data leakage that exposed 250 Million Call Center Records, that included Clients’ email addresses IP addresses, locations, descriptions of CSS claims and cases, Microsoft Support Agent emails, case numbers, resolutions and comments, Internal notes marked as “confidential", as well as phone conversations between service agents and customers dating back to 2005, all password-free and completely unprotected.

But don't worry "we are taking it seriously and [are] working diligently to learn and take action to prevent any future reoccurrence"

->Too late, Microsoft. Those pesky phone scammers that call themselves "Microsoft support" will surely get their hands on that jackpot, somehow... "Hello Sir, my name is Robert, I am from Microsoft and I would like to come back to support case #xxx... that we were working on last week, please allow me to start a remote session right away" :-(
0
https://borncity.com/win/2019/12/09/falle-active-directory-kennwortrichtlinie-mit-15-zeichen/
There's a bug in standard domain password policies. Please verify if you are affected. In short: enforcing passwordss longer than 14 characters does NOT work unless you use PSOs. It will fall back to enforcing 6+ characters!

@Moderation: please do not delete this again without notifying me.
1
Microsoft doesn't normally send emails saying that you need to update.
https://www.techradar.com/news/dont-download-this-windows-10-update-its-packed-with-ransomware
0
Windows Update causing havoc with Access databases.

Access database applications world wide are experiencing errors related to a recent Windows update.

Reports are that people are getting an error when they run an update query that attempts to directly update a table in Access 2010, 13, and 16.  Here is a link to the Office support post about this.

https://support.office.com/en-us/article/access-error-query-is-corrupt-fad205a5-9fd4-49f1-be83-f21636caedec

Another web site provides this information:

It appears that a security update for the CVE-2019-1402 vulnerability in each version of Microsoft Office causes this error. Here is the list of Office security updates that you can uninstall.

    Office 2010: Description of the security update for Office 2010: November 12, 2019 (KB4484127)
    Office 2013: Description of the security update for Office 2013: November 12, 2019 (KB4484119)
    Office 2016: Description of the security update for Office 2016: November 12, 2019 (KB4484113)

1
LVL 68

Expert Comment

by:McKnife
0
0
[Heads Up] - Australia Post SMS - Scam Twist

I just got a twist on the Australia Post SMS scams. I get parcels delivered fairly regularly by Aust Post so I was surprised to get this SMS as I wasn't currently expecting one. It looked genuine and the number was spoofed successfully enough for the SMS to appear along with my other Aust Post notifications. It read:

You parcel: 068077299909
will not ship from distribution
center due to unverified
shipping address.
Track your package:
http: // wtrgt DOT com / qOo    (link has been purposely broken by me)

The grammar error was enough to alert me to the scam, as well as the link using http instead of https, and the wtrft domain being used instead of mypo.st which is where genuine Aust Post SMS alerts come from, but I can see how it might be easy to overlook and just tap the link.

I checked the tracking number on Aust Post website for giggles and sure enough, that's phony too. No surprise there. Keep an eye out if, like me, you also get parcels delivered by Aust Post.

Regards, Andrew


0
Over 7000 German QNAP NAS devices have qsnatch malware. Infection vector appears to be unknown at this point.
https://www.kyberturvallisuuskeskus.fi/en/news/qsnatch-malware-designed-qnap-nas-devices
0
Here's a security headline you would never have expected until this year.
"Russian security researcher finds API and firmware bugs impacting around 10,950 Xiaomi FurryTail pet feeders"
https://www.zdnet.com/article/security-researcher-gets-access-to-all-xiaomi-pet-feeders-around-the-world
0
1
Security flaw involving third party keyboards in iOS 13 and iPadOS: https://support.apple.com/en-us/HT210613
0
0
Speaking of voice scamming, here's a rather catchy warning about cyber security, courtesy of Emerates Bank: https://vimeo.com/344959412
1
1
Thousands of dollars and new kit up for grabs if you can blow a hole in Zuck's video-conf gear

https://www.theregister.co.uk/2019/08/28/pwn2own_facebook_portal/ 
0
1
0
1
0
A interesting Bunndle for Security Penetration Testing learning and also sure to keep on eye for offers.

https://deals.thehackernews.com/sales/2018-cybersecurity-bundle
0
1
1
LVL 3

Expert Comment

by:Ryan
Glad you liked my post.  I get most of my info from toms hardware and technology review.

Ryan,
Denver, CO
0
LVL 3

Expert Comment

by:Ryan
I haven't had any problems with Windows 10 upgrades.  Not so far anyway.
0
Synology® Urges All Users to Take Immediate Action to Protect Data from Ransomware Attack

https://www.synology.com/en-global/company/news/article/2019JulyRansomware
1

Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.