Google has released Chrome version 91.0.4472.114 which updates 4 security flaws, including a high severity zero-day vulnerability which is being actively exploited. Users of the Google Chrome browser on Windows, Mac or Linux are advised to update asap. This version became available yesterday and will be available worldwide over the next several days. For instructions […]
The following Princeton University study on Security and Privacy Risks of Number Recycling at Mobile Carriers in the United States details the risks associated with recycling your phone number. You may want or need to relinquish a phone number for a variety of reasons, but it’s important to consider the potential fallout and available alternatives […]
CISA (Cybersecurity and Infrastructure Security Agency) has published step-by-step eviction guidance for removing the “adversary from compromised on-premises and cloud environments ”. Please note that FAQs can be found at the end of the document. For more additional information and resources, please see the following CISA advisory.
The FBI has issued a warning about the prevalence of scams using search engine ads and search engine results which purport to link victims to their financial institution(s). Instead, these sites are taking victims to spoofed sites and login prompts, which are designed to steal their credentials. Other specifics known about these scams are that […]
Please be advised that new updates, deemed urgent, were released for MS Exchange Server (2013 – 2019 versions) on April 13th, to address security vulnerabilities reported to Microsoft by the NSA. These vulnerabilities are being tracked as (CVE-2021-28480, 28481, 28482, and 28483). As you may recall, Microsoft did an out of band update in early […]
The DOJ has issued a warning about COVID-19 vaccine survey phishing scams. Scammers are seeking to steal both sensitive information and money. Scammers seek to obtain sensitive information via survey responses and engage in monetary theft by promising free gifts for completing the survey. Credit card information is stolen when victims supply it to pay […]
Please be advised of the following phishing message purporting to originate from NYU. Phishing Indicators: When an email asks you to take an action, such as clicking on a link or opening an attachment, evaluate the message carefully and ask yourself if you were expecting to receive it, and if not, whether you’re able to […]
Please be advised that Apple has released security updates to address a severe security vulnerability being tracked as CVE-2021-1879, which is being actively exploited, and affects multiple models of the iPhone, iPad, iPod and watch devices. The vulnerability, if exploited, would allow a malicious actor to steal data or deploy malware to compromise your data […]
As an update to our March 8th and March 9th blog posts on this subject, please note that both the scope and severity of the attacks on MS Exchange servers have reportedly been underestimated. The list of 30,000 victim organizations has grown significantly, with many victims compromised by several hacking groups. Exchange servers that were […]
As an update to yesterday’s post, Chrome Zero Day Being Actively Exploited (Update Now), please be advised that CISA (Cybersecurity & Infrastructure Security Agency) has published a web page, Remediating Microsoft Exchange Vulnerabilities, which provides guidance on specific steps that can be taken by leaders and technical staff. The guidance provided is applicable for organizations […]