by Scott Muniz | Feb 17, 2022 | Security, Technology
This article is contributed. See the original author and article here.
Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
CISA encourages users and administrators to review Cisco Advisory cisco-sa-esa-dos-MxZvGtgU and apply the necessary updates or workarounds.
by Scott Muniz | Feb 16, 2022 | Security, Technology
This article is contributed. See the original author and article here.
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or
https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
by Scott Muniz | Feb 15, 2022 | Security
This article was originally posted by the FTC. See the original article here.
To combat government and business impersonation scams and get money back to people, the FTC is considering changes to the law that would give the agency better tools. Want to help? Submit a comment on the rulemaking and make your voice heard.
Whether they call pretending to be from the Social Security Administration or email or text you claiming to be from a trusted business, impersonators are trying to steal your money or get your personal information — or both. And, for the past two years, they’ve been taking advantage of the confusion over the pandemic. The FTC’s data show that COVID-specific scam reports have included 14,069 complaints of government impersonation and 9,850 complaints of business impersonation. People have lost over $52 million to COVID-specific government and business impersonators since January 1, 2020.
Current law limits the FTC’s ability to combat these scams and return money to people who’ve lost money to these scammers. The FTC wants to change the law to make it easier to sue and get refunds for people who have experienced impersonation fraud. If you’ve experienced impersonation fraud, or have an opinion about the proposed rulemaking, submit your comment. All comments must be submitted online by February 22.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Scott Muniz | Feb 15, 2022 | Security, Technology
This article is contributed. See the original author and article here.
The Federal Bureau of Investigation (FBI) and the United States Secret Service (USSS) have released a joint Cybersecurity Advisory (CSA) identifying indicators of compromise associated with BlackByte ransomware. BlackByte is a Ransomware-as-a-Service group that encrypts files on compromised Windows host systems, including physical and virtual servers.
CISA encourages organizations to review the joint FBI-USSS CSA and apply the recommended mitigations.
by Scott Muniz | Feb 14, 2022 | Security
This article was originally posted by the FTC. See the original article here.
Chocolates, flowers, and spending time with your special someone are all Valentine’s Day traditions, but what about helping a friend or loved one spot and avoid a romance scam?
Even though a romance scam might not be affecting you, someone you know might be facing one. According to a new FTC report, people sent $547 million to online romance scammers last year. And more than a third of those who lost money said the contact started on Facebook or Instagram, often through an unexpected private message.
So pick up the phone and reach out to someone you might not have spoken with in a while. Check in with them, see how they’re doing, and listen to what they say. You might just be able to help them spot and avoid a romance scam.
As you start a conversation, here are some things to keep in mind:
- If a friend or loved one mentions an online love interest, ask if they’ve met in person.
- If they haven’t met in person, but that love interest has asked for money, that’s a scam. Period. No matter what story they tell — even if they send you money or gifts first.
- Romance scammers often create fake profiles. Use a reverse image search to see if someone else has used that profile picture, or if the details don’t match up.
- Never send or forward money to people you meet online. And only scammers ask you to pay by cryptocurrency, gift cards, or wire transfer.
Learn more at ftc.gov/romancescams and report scammers at ReportFraud.ftc.gov
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Scott Muniz | Feb 11, 2022 | Security, Technology
This article is contributed. See the original author and article here.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
| CVE Number |
CVE Title |
Remediation Due Date |
|
CVE-2022-22620
|
Apple Webkit Remote Code Execution Vulnerability
|
2/25/2022
|
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
Recent Comments