Attacks

The MITRE ATT&CK FRAMEWORK

The MITRE ATT&CK Framework is a collection of techniques used by attackers during a breach. The ATT&CK breaks down the techniques into the following tactics:  Initial Access – Techniques that use various entry vectors to gain a foothold. Footholds gained through initial access may allow for continued access, like valid accounts and use of external …

The MITRE ATT&CK FRAMEWORK Read More »

National Computer Security Day

Held annually every 30th of November is the National Computer Security Day. A celebration that began in 1988 at a time that computers were becoming commonplace. This Day was created to raise awareness about cyber security issues and ways to keep all electronic devices and data protected from potential threats. Today, the internet and computers …

National Computer Security Day Read More »

Do you own an Apple device? Update it right now

Apple has released a critical software patch to repair a security vulnerability after researchers discovered a security flaw that would allow hackers to infect your Apple devices even if you do nothing, and don’t click on a link. The zero-day attack was discovered by the researchers at the Citizen Lab. The Citizen Lab said the …

Do you own an Apple device? Update it right now Read More »

T-Mobile Data Breach, Over 40 Million People Affected

A cyberattack on T-Mobile has exposed the information of over 40 million people. In a statement issued by the organization, that it had been investigating the data breach since last week when it was “informed of claims made in an online forum that a bad actor had compromised T-Mobile systems.” The company said the stolen files …

T-Mobile Data Breach, Over 40 Million People Affected Read More »

What is OWASP?

The Open Web Application Security Project (OWASP) is a non-profit organization focused on improving the safety of software. It was founded in 2001 by Mark Curphey. OWASP features a range of tools it uses, methodologies, and libraries to see web application security to seek out security vulnerabilities in web applications. They even have documentation guidelines …

What is OWASP? Read More »

SonicWall releases urgent notice about imminent ransomware attacks targeting its 8.x firmware

SonicWall logo

SonicWall a Network device maker has issued an urgent security notice to its customers, warning of imminent ransomware attacks targeting the Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. “The exploitation targets a known vulnerability that has been patched in newer versions of the …

SonicWall releases urgent notice about imminent ransomware attacks targeting its 8.x firmware Read More »

Kaseya ransomware attack: up to 1,500 affected companies company confirms

Kaseya an enterprise tech firm has confirmed that up to 1,500 businesses were impacted as a result of an attack on its remote device management software. The software was used to spread ransomware to Kaseya customers. The vulnerability found in the supply chain VSA software was the leverage the attackers used against the multiple managed …

Kaseya ransomware attack: up to 1,500 affected companies company confirms Read More »

What is Phishing?

Phishing is a type of social engineering with a touch of spoofing attack that uses different means to steal confidential personal/corporate information (SSN, password, date of birth, address account details, etc.). The attacker usually masquerades as a trusted entity to deceive the victim into opening an email, instant message, or text message. The victim then …

What is Phishing? Read More »

Logic bomb

A logic bomb is a specific kind of malware that is waiting for an event to occur before it is triggered. It is a piece of code intentionally inserted into the system that is set to go off once some specified conditions are met. Logic bombs don’t get to the system by themselves. Often installed by someone with …

Logic bomb Read More »