What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Web Security

Cloud Attacks Are Bypassing MFA, Feds Warn

CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted. The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and successfully attacking cloud services at various U.S. organizations. According to an alert issued Wednesday by the Cybersecurity and Infrastructure Security . . . Read more

TikTok Takes Teen Accounts Private

The company announced accounts for ages 13-15 will default to privacy setting, among other safety measures. TikTok has decided to boost privacy measures for its underage users, the popular video-sharing social-media company announced. TikTok’s popularity is being driven by teens — the company reported in 2019 about 60 percent of . . . Read more

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs. Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website. . . . Read more

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove

Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. Google researchers have detailed a major hacking campaign that was detected in early 2020, which mounted a series of sophisticated attacks, some using zero-day flaws, against Windows and Android platforms. Working together, . . . Read more

Mimecast Certificate Hacked in Microsoft Email Supply-Chain Attack

A sophisticated threat actor has hijacked email security connections to spy on targets. A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor,” the company has announced. Mimecast provides email security services that customers can . . . Read more