Tag Search: security

Protect your business data in the cloud

Posted on Tuesday March 02, 2021  |  security, cloud security, cloud security from data breach, data breach security, security from cloud data breach

Despite its enhanced security features, cloud computing isn't 100% safe from data breaches. A small- or medium-sized business still needs to be proactive in making sure their data is secure in the cloud. The following tips will help tighten cloud data security.

 

Browser 'Favicons' Can Be Used as Undeletable 'Supercookies' To Track You Online

Posted on Tuesday February 09, 2021  |  privacy, security

According to a researcher, favicons can be a security vulnerability that could let websites track your movement and bypass VPNs, incognito browsing status, and other traditional methods of cloaking your movement online. From a report: The tracking method is called a Supercookie, and it's the work of German software designer Jonas Strehle. "Supercookie uses favicons to assign a unique identifier to website visitors. Unlike traditional tracking methods, this ID can be stored almost persistently and cannot be easily cleared by the user," Strehle said on his Github. "The tracking method works even in the browser's incognito mode and is not cleared by flushing the cache, closing the browser or restarting the system, using a VPN or installing AdBlockers." Strehle's Github explained that he became interested in the idea of using favicons to track users after reading a research paper [PDF] on the topic from the University of Illinois at Chicago. "The complexity and feature-rich nature of modern browsers often lead to the deployment of seemingly innocuous functionality that can be readily abused by adversaries," the paper explained. "In this paper we introduce a novel tracking mechanism that misuses a simple yet ubiquitous browser feature: favicons." To be clear, this is a proof-of-concept and not something that Strehle has found out in the wild.

 

Windows 10 Bug Corrupts Your Hard Drive On Seeing This File's Icon

Posted on Friday January 15, 2021  |  bug, security, windows

An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. Bleeping Computer reports: In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed. When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records. The researcher told BleepingComputer that the flaw became exploitable starting around Windows 10 build 1803, the Windows 10 April 2018 Update, and continues to work in the latest version. What's worse is, the vulnerability can be triggered by standard and low privileged user accounts on Windows 10 systems. [...] It is unclear why accessing this attribute corrupts the drive, and Jonas told BleepingComputer that a Registry key that would help diagnose the issue doesn't work. One striking finding shared by Jonas with us was that a crafted Windows shortcut file (.url) that had its icon location set to C::$i30:$bitmap would trigger the vulnerability even if the user never opened the file! As observed by BleepingComputer, as soon as this shortcut file is downloaded on a Windows 10 PC, and the user views the folder it is present in, Windows Explorer will attempt to display the file's icon. To do this, Windows Explorer would attempt to access the crafted icon path inside the file in the background, thereby corrupting the NTFS hard drive in the process. Next, "restart to repair hard drive"; notifications start popping up on the Windows PC -- all this without the user even having opened or double-clicked on the shortcut file.

 

Signs you have weak enterprise security

Posted on Wednesday January 13, 2021  |  security, business security, business security failures, business security tips, ensuring business security is working, is my security working?, enterprise security

As cyberthreats become more sophisticated, many businesses need to prioritize cybersecurity more than ever. But are you sure that your security measures are keeping your enterprise IT assets safe? Here are five signs that they may not be effective.

 

Don't be a victim of juice jacking

Posted on Wednesday December 23, 2020  |  security, battery life, juice jacking, mobile technology

Smartphones have become an indispensable tool for most of us. We use them for a wide range of activities, from gaming to checking social media to accessing work apps. Because of heavy use, our smartphones may sometimes run out of battery. When that happens and you're out in public with no access to your charger, using public charging kiosks to bring your phone back to life can seem like a good idea - but it's not. It only makes your phone vulnerable to a cyber scheme called juice jacking.

 

How to tell if an Android app is legit

Posted on Monday December 21, 2020  |  security, android, tablet, safety, app security

More and more people are relying on Android devices for remote work, which is why cybercriminals are taking advantage and creating counterfeit Android apps to try and misguide users. These apps typically collect users' sensitive data or infect devices with malware, which can lead to fraud and financial crimes. The problem is, even a tech-savvy user may struggle to identify these bad apps.

 

Page:   1234567891011121314151617181920212223242526272829303132333435363738394041424344454647

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016