Security Alert: Google Email Attack

Google is investigating a large-scale phishing attack involving malware that is currently spreading among users of its Gmail service. You will see a message similar to the one below!The message sent to Gmail users includes an invitation to view a shared Google Docs document.However the link leads to a self-propagating internet worm. DO NOT CLICK IT!Users are asked to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authenticatio ...

Anti-virus products, security devices affected by 7-Zip vulnerability

Two vulnerabilities have been uncovered by researchers in a open-source Windows utility called 7-Zip. This program provides compression and archiving tools for files. While many of our readers may not know what, or who, 7-Zip is, it is likely that other products that you do use or know about rely on 7-Zip in their programs.Some of the vendors that have 7-Zip integrated include FireEye, Malwarebytes, and Comodo.This means whether you use 7-Zip directly or not, you may be vulnerable.Cisco Talos re ...

Top 25 Shameful Passwords of 2015

More and more passwords are becoming a daily part of your life. Considering that it is recommended to never use the same password at different sites or on different apps, it can become overwhelming. Despite that, there are just some things that you should not compromise for the sake of being easy. Below are the list of the top 25 worst passwords for 2015.Just as a quick reminder, while passwords are not the end-all-be-all in security, it pays to create secure ones. You should try to keep them at a minim ...

Cyber Breach – No One is Immune

This article is the first in a three-part series from Third Rock, a leading HIPAA Compliance and Risk Management provider, explaining the magnitude and business impact of cyber security breaches as well as steps you can take to protect your records and your organization.Recent headlines have reported that cyber breaches are occurring with greater frequency than ever before. Everyone is familiar with the cyber breaches of Target, Home Depot, JP Morgan, Sony, and most recently, the federal Office of Perso ...

Security Advisory: LastPass Compromised

According to LastPass their team found and blocked suspicious activity on their network. They claim that no evidence that any encrypted user vault data (where the passwords are stored) was taken.However they said that the investigation has shown that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised."We are confident that our encryption measures are sufficient to protect the vast majority of users. LastPass strengthens the authent ...

US-CERT: Microsoft Releases Critical Security Bulletin

Microsoft has released Security Bulletin MS15-011 (link is external) to address a critical vulnerability in Windows. Exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system.This security update contains a new policy feature (UNC Hardened Access) which is not enabled by default. To enable this feature, a system administrator must deploy the update, then apply the Group Policy settings described in the bulletin. For complete protection agains ...

Security Advisory: New Adobe Flash Vulnerability

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux.  These updates address a vulnerability that could be used to circumvent memory randomization mitigations on the Windows platform.Adobe is aware of reports that an exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older versions of Flash Player.  Additionally, we are investigating reports that a separate exploit for Flash Player 16.0.0.287 and earlier also exists ...

Hackers Pay 20-times More for Medical Information

According to Kelly Yee, Vice President at Penango, the secure webmail and encryption company, hackers are willing to pay 20 times more for medical information than credit card information! The main reason is medical records are a smorgasbord of information, including social security numbers, personal information, and medical history. With information like this they can apply for credit cards, gain access to prescription medication, and much more.With the valuation of stolen credit card information going ...

Security Alert: U.S. government warns on bug in Apple’s iOS software

The U.S. government warned iPhone and iPad users on Thursday to be on the alert for hackers who may exploit a vulnerability in Apple Inc's (AAPL.O) iOS operating system that would enable them to steal sensitive data.There was the potential for hacks using a newly identified technique known as the "Masque Attack," the government said in an online bulletin from the National Cybersecurity and Communications Integration Center and the U.S. Computer Emergency Readiness Teams.Read the full story on Reuter ...

Hackers Are Exploiting Microsoft PowerPoint to Hijack Computers

Hackers are exploiting a security flaw in Microsoft Office by using PowerPoint to attack Windows users and gain control of computer systems.Microsoft, in a security advisory on its website, says there have been "limited, targeted attacks" against users through Microsoft PowerPoint. An attacker who successfully exploits the security flaw could gain complete control of the system. With that sort of control, hackers could execute code remotely, alter or delete data and install harmful programs, like malwar ...