Back in 1969, the rock group – The Rolling Stones – recorded an album titled “Let it Bleed.” The album sold over 2.4 million copies, and in 1997, it was voted the 27th "Best Album Ever." The current "Bleed You" malicious cyber campaign is far from being popular and is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions. More than 1,000 systems are unpatched and vulnerable to compromise.
If an attacker gains cont
vpn (6)
The internet opened the door to a realm of possibilities that permanently changed the business and social landscape and our personal lives. Most users are no longer restricted to dial-up; many of us now consider access to a stable internet connection as a critical aspect of our daily lives. We pay our bills online, check our bank statements, communicate via email, and maintain a presence on social media. Many users rely on the web for work and entertainment, and seeking out information through
In recent years, our digital selves are now an established part of our identity. The emails we send, the conversations we have over social media both private and public as well as the photos we share, the videos we watch, the apps we download, and the websites we visit all contribute to our digital personas. There are ways to prevent a government agency, country, or cybercriminal from peeking into our digital lives. Virtual private networks (VPNs), end-to-end encryption, and using browsers that
Regarding cybersecurity, misconfigurations can create exploitable issues that can cause vulnerabilities later. The following are some common-sense security misconfigurations that can easily be avoided.[1]
Development permissions that do not get changed when something goes live. For example, AWS S3 buckets are often assigned permissive access while development is going on. The issues arise when security reviews are not carefully performed prior to pushing the code live, no matter if that push
I have written about Phishing before and I will continue to warn friends and colleagues about phishing and their tactics. Phishing is the start of almost all serious cyber breaches. In early 2020, cloud security expert, Wandera, revealed in its Mobile Threat Landscape Report that a new phishing campaign is launched every 20 seconds. Twenty seconds equates to three additional phishing sites designed to target users in every minute. However, this number no longer applies during COVID-19 times.
