Security Talk

Multi-Factor Authentication is often seen as an answer to account compromise, or at least a partial answer to this issue. The problem is that MFA is that while it can help with account compromise, it is certainly not the end all of account protection and, like any other software control, it is potentially vulnerable to coding mistakes and other flaws that attackers can leverage. According to a recent FBI report state-backed attackers have found a way to abuse certain default configurations to register their own devices.

Details
Sean Kalinich
Hits: 1061

Security Talk

Yesterday we reported that insider builds of Microsoft’s Windows 11 were displaying ads for other Microsoft services inside File Explorer. Like most people, we felt this was not a good thing and the news went around the internet at a pace typical of things that are bad. In response to this Microsoft release a statement saying, “This was an experimental banner that was not intended to be published externally and was turned off,” Basically the marketing equivalent of a 5-year-old saying they got the cookie for you.

Details
Sean Kalinich
Hits: 1244

Security Talk

Ukrainian Security Officials are warning of an active phishing campaign. The campaign involves emails that impersonate government agencies and include links to what appear to be critical security updates. The payload of the campaign delivers Cobalt Strike and a few other things to complete the set and compromise the computer.

Details
Sean Kalinich
Hits: 1008

Security Talk

Microsoft, famous for bad marketing moves, is looking to make another one. In this case the mistake has not hit the general public but is in a preview build of Windows 11. The mistake is shoveling ads to people for other Microsoft products as part of the Windows File Explorer. To say that this move caused some concern with testers is a bit of an understatement. Some even called it “one of the worst places to show ads”

Details
Sean Kalinich
Hits: 1519

Security Talk

PatchStack has pushed out a report that shows that a shocking 30% of vulnerabilities in WordPress sites are left unpatched. This is not to say that people are not patching (they are not), but the report illustrates that vendors for plugins are not properly updating their own tools and software to address security issues. WordPress is one of the most popular content management systems available and has a very broad ecosystem of plug-ins, themes, and other bolt-on components to make it even more flexible and usable.
Details
Sean Kalinich
Hits: 1236

More Articles …

  1. Emotet’s Comeback Shows no Sign of Slowing as Bot Number Exceeds 100,000
  2. 16 New Vulnerabilities Found in HP UEFI Firmware Implementations by Binarly
  3. Another Linux Kernel Bug Found that can allow an Unauthenticated user Root Privileges
  4. Supply Chain Vulnerabilities Found in 150 Devices Spanning Multiple Industries Dubbed Access 7

Page 16 of 33

Follow Us

Follow DecryptedTech on Social Media

facebook twitter linkedin