Blog

By Nancy Rand, Posted in Security

June 30, Softpedia – (International) Google adds SEO spam notifications to Google analytics dashboard. Google reported that it will be enhancing its security notifications for compromised Web sites by integrating the Safe Browsing application programming interface (API) into the Google Analytics dashboard, which will help detect malware and warn the Webmaster of a search engine optimization (SEO) spam on their Web site. Source June 29, Softpedia – (International) Android ransomware quadrupled i... read more.

• July 01, 2016

By Nancy Rand, Posted in Security

June 29, Softpedia – (International) Symantec products affected by multiple “as bad as it gets” vulnerabilities. A security researcher from Google’s Project Zero initiative discovered several vulnerabilities in Symantec’s security products including buffer overflow flaws, memory corruption flaws, and a high-severity flaw that does not require user interaction, affects default configuration, and allows the software to run on the highest privilege levels possible due to a vulnera... read more.

• June 30, 2016

By Nancy Rand, Posted in Security

June 28, Softpedia – (International) Microsoft Office 365 corporate users hit by Cerber ransomware attack. Avanan researchers reported that about 57 percent of all companies using Microsoft Office 365 received at least 1 copy of the Cerber ransomware in their inboxes in a June 22 attack that lasted 5 hours before Microsoft blocked the malicious file attachments. Source June 27, SecurityWeek – (International) MIRCOP ransomware claims to be victim, demands payback. Trend Micro researchers reporte... read more.

• June 29, 2016

By Nancy Rand, Posted in

June 26, Softpedia – (International) Uber bugs allowed hackers to gather details on rides, drivers, passengers. Security researchers from Integrity discovered 14 issues in Uber Technologies Inc.’s system that could be exploited to extract user details via the mobile app’s Help Section, obtain a driver’s and user’s universally unique identifier (UUID) and request private information such as names, pictures, location, car types, status, among other data, and use over 1,000 active... read more.

• June 28, 2016

By Nancy Rand, Posted in Security

June 24, SecurityWeek – (International) Malware can steal data from air-gapped devices via fans. Security researchers from Ben-Gurion University of the Negev discovered a new acoustic data exfiltration method dubbed Fansmitter was leveraging the noise emitted by a computer’s fans to transmit data without relying on speakers by sending bits of data to a nearby mobile phone or a computer equipped with a microphone. Attackers can control the fan to rotate at a specific speed to transmit a “0&... read more.

• June 28, 2016

By Nancy Rand, Posted in Security

June 23, Softpedia; Austin Daily Dot – (International) Hackers breach US company and unwittingly expose 154 million voter records. Security researchers from MacKeeper discovered that a CouchDB database containing details on over 154 million U.S voters was compromised after a hacker took down L2’s, a company that builds, manages, and sells access to U.S. voter records, firewall. The database contained 1-year-old information and was taken down, and authorities were unsure of the identity of the ha... read more.

• June 24, 2016

By Ken Phelan, Posted in

Let your ‘Yes’ be ‘Yes’ and your ‘No’ be ‘No’. For whatever is more than these is from the evil one. Mathew 5:37 At Gotham, we sell a lot of products and consulting to a lot of customers (thankfully). We get to see many of them succeed and we’ve unfortunately seen some fail. We try to share that experience to make our customers as successful as possible. Sometimes we even write blogs so that random strangers can potentially be more successful. That&rsqu... read more.

• June 22, 2016

By Ken Phelan, Posted in

Over time, the value we get from a piece of software generally increases. The software matures. There are more features and, hopefully, fewer bugs. More importantly, we simply use it better. It’s fully deployed. We’ve figured out where and why to use it in our organization. Once we’ve been in production for a couple of years, it’s like any other relationship. We may look wistfully at some green grass on the other side of the fence every now and then, but we’re happy with the de... read more.

• June 13, 2016

By Nancy Rand, Posted in Uncategorized

May 31, SecurityWeek – (International) 65 million users affected by Tumblr breach. Tumblr officials reported that as a precaution, they have reset all their customers’ passwords after an Australian security researcher found that a hacker under the online name, “peace_of_mind” posted the information of 50 million Tumblr accounts on a darknet Web site called, “The Real Deal” for a small sum of money. The same hacker was also seen selling millions of records of LinkedIn, Fling.com, and Myspace users. Source ... read more.

• June 01, 2016

By Nancy Rand, Posted in Security

May 26, SecurityWeek – (International) Angler EK malvertising campaign abuses recent Flash zero-day. Security researchers from Malwarebytes reported that a previously patched zero-day flaw in Adobe Flash Player was being exploited in a new malvertising campaign targeting ad networks through a conditional malicious code which redirects users to the Angler exploit kit (EK) after executing fingerprinting checks. Attackers exploit the vulnerability via specially crafted Microsoft Office documents. Source May... read more.

• May 31, 2016