Late Sunday night, it was announced that multiple vulnerabilities were discovered in the widely used Wi-Fi Protected Access II protocol (WPA2) that could make it possible for attackers to eavesdrop on traffic passed between computers and wireless access points. While details are still being released, manufacturers of every wireless router/access point, and every device with wireless access are working towards defining updates that will resolve this vulnerability.
Over the past several days, the big story in the US has been Category 4 Hurricane Harvey and the flooding and destruction it is leaving in its wake. As with most disasters, Harvey has stirred up the desire in many people to find a way to help with the relief efforts. Unfortunately, this also opens the doors to scammers who want to exploit the generosity of these people.
Popular payroll company ADP is warning of a sophisticated phishing attack using emails that impersonate ADP business. The attack email in question warns of a Past Due invoice. These emails appear as if an ADP.com account was used as the sender. Mytech has most commonly seen “billing.address.updates@ADP.com"; but other addresses including “Francisca.Hopkins@adp.com” are also common.
SUPERVALU announced on Thursday (7/14/2014) that it experienced a criminal intrusion into its payment card transaction network. The intrusion may have resulted in the theft of account numbers, expiration date, and cardholder’s names. The intrusion was identified by an internal team and quickly contained. Third-party data experts are assisting in determining the scope of the incident.
Illegitimate spam messages are not just annoying, they often contain threats to your network security. One particularly dangerous form of these threats is what has become known as "phishing" attack. This involves tricking people into clicking a hyperlink in their email that takes them to what appears to be a legitimate website. Once the user arrives at the fake site they are usually prompted to enter personal information, and then that personal information can be used by the attacker in a variety of bad ways.
This is an RCE vulnerability in OpenSSL and all versions are technically vulnerable. However this is more of a concern with SSL VPN protocols than with HTTPS. There’s another separate man-in-the-middle (MITM) vulnerability too, and it’s probably worth updating… but really shouldn’t be as bad as both ends of the connection would have to be vulnerable for an exploit to work, and only version 1.0.1 is actually vulnerable on the server side.
Security researchers have released details about a vulnerability in Internet Explorer 8 that could allow bad actors to take control of a computer. At the time of this writing, Microsoft has not released any news of a security update to resolve this vulnerability. While there are some mitigation steps that can be taken to prevent an exploit, Mytech believes that most of our clients are not at elevated risk from an attack.
Online auction mega-site eBay recently disclosed a major data breach from earlier this year that exposed personal information of an unknown number of users. While the scale of the breach is a bit fuzzy, the fact that the attackers had almost unrestricted access to the company corporate network for an extended period is very worrisome. eBay maintains that financial data was not accessed, but personal information including physical addresses and date of birth was in the database that was compromised.
A very severe vulnerability has been recently discovered in all versions of Internet Explorer for all versions of Microsoft Windows. This vulnerability would allow an attacker to execute remote code if a user visits a malicious website. This vulnerability is being actively exploited in the wild, which means that there are confirmed cases of attackers targeting websites right now.