Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Cybersecurity (Page 1 of 8)

A ransomware attack has shut down Baltimore’s public schools

f6fc6a50-bca3-11ea-aecf-a1580dc8f250Students in the Baltimore County Public Schools (BCPS) system have suddenly found themselves with an extra day off for the Thanksgiving holiday, but it wasn’t because of a snow day. As The Verge reports, an apparent ransomware attack took BCPS’ inter…

Source: https://www.engadget.com/baltimore-public-school-system-ransomware-attack-160600564.html
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By:

Spotify resets up to 350,000 passwords linked to third-party data leak

aa91e020-3899-11ea-9913-8dff9d89d026Spotify has reportedly begun resetting the passwords of up to 350,000 accounts that were breached as the result of a credential-stuffing attack. A company called vpnMentor, as found by ZDNet, says that it discovered a treasure trove of hacked account…

Source: https://www.engadget.com/spotify-rolling-reset-data-leak-151711849.html
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By:

What a Data Breach Policy Is and Why You Need One

d11a1626.png
Data breaches have always been disastrous, and new data privacy laws compel organizations to protect data subjects making the impact of breaches even worse. A Data Breach Policy will help protect you.

Read This Article on CloudSavvy IT ›

Source: https://www.cloudsavvyit.com/7778/what-a-data-breach-policy-is-and-why-you-need-one/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Dave McKay

Google reveals a new Windows zero-day bug it says is under active attack

GettyImages-482300528-1.jpg?w=600

Google has dropped details of a previously undisclosed vulnerability in Windows, which it says hackers are actively exploiting. As a result, Google gave Microsoft just a week to fix the vulnerability. That deadline came and went, and Google published details of the vulnerability this afternoon.

The vulnerability has no name but is labeled CVE-2020-17087, and affects at least Windows 7 and Windows 10.

Google’s Project Zero, the elite group of security bug hunters which made the discovery, said the bug allows an attacker to escalate their level of user access in Windows. Attackers are using the Windows vulnerability in conjunction with a separate bug in Chrome, which Google disclosed and fixed last week. This new bug allows an attacker to escape Chrome’s sandbox, normally isolated from other apps, and run malware on the operating system.

Microsoft did not immediately comment when contacted by TechCrunch, but Project Zero’s technical lead Ben Hawkes said in a tweet that Microsoft plans to issue a patch on November 10.

In addition to last week’s Chrome/freetype 0day (CVE-2020-15999), Project Zero also detected and reported the Windows kernel bug (CVE-2020-17087) that was used for a sandbox escape. The technical details of CVE-2020-17087 are now available here: https://t.co/bO451188Mk

— Ben Hawkes (@benhawkes) October 30, 2020

But it’s unclear who the attackers are or their motives. Google’s director of threat intelligence Shane Huntley said that the attacks were “targeted” and not related to the U.S. election.

It’s the latest in a list of major flaws affecting Windows this year. Microsoft said in January that the National Security Agency helped find a cryptographic bug in Windows 10, though there was no evidence of exploitation. But in June and September, Homeland Security issued alerts over two “critical” Windows bugs — one which had the ability to spread across the internet, and the other could have gained complete access to an entire Windows network.

Let’s block ads! (Why?)

Source: https://techcrunch.com/2020/10/30/google-microsoft-windows-bug-attack/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Zack Whittaker

Why Threats from QR Codes are Flourishing

69da02cd.png
Quick response (QR) codes are suddenly everywhere again. Invented in 1994 by an award-winning team at Denso Wave, a subsidiary of Toyota, the QR code has found its way into almost every industry. They’re like a barcode on steroids. They might look like drunken chess boards, but the higgedly piggedly black and white squares hold much more information than the stripes of a barcode. And QR codes can trigger one of a selection of actions inside the scanning device—usually a smartphone.

Read This Article on CloudSavvy IT ›

Source: https://www.cloudsavvyit.com/7457/why-threats-from-qr-codes-are-flourishing/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Dave McKay

« Older posts