Careful
Security

Cybersecurity Threats

Mastodon Social Media Twitter Cybersecurity Careful Security

Mastodon Bug Found

If you haven’t heard of Mastodon, it is a decentralized social media platform that users are flocking to to replace Twitter. After Elon Musk purchased Twitter recently, and laid off many Twitter employees, users were looking for a replacement. While Mastodon is different from the extremely popular social media networking site, known for “tweets”, people …

Mastodon Bug Found Read More »

Azov Ransomware

Azov ransomware was originally thought to be yet another ransomware that encrypts a victim’s data, demands a ransom, and forces you to pay if you want your data back. All this, however, is just a front. This is a new type of ransomware. Instead of providing you the contact information to unencrypt your data and …

Azov Ransomware Read More »

LAUSD hit with ransomware attack

LAUSD Hit With Ransomware Attack Over Holiday Weekend

Over the Labor Day weekend, one of the United States’ largest school districts was hit by a cyberattack. LAUSD serves more than 600,000 students, between kindergarten and 12th grade, and employs more than 26,000 teachers at over 1,000 schools.

Recovering Hacked Website

Recovering Hacked Website

Recover hacked website is a common term in Cyber security. Websites can be hacked because of multiple reasons. Some of the most common reasons that we’ve seen are account compromise, insecure plugins, non-restrictive file permissions. We’ve secured these weaknesses through simple steps such as implementing two factor authentication, updating old software, cleaning up malware and …

Recovering Hacked Website Read More »

SQL Injection

SQL Injection

What is SQL Injection? SQL Injection is a web security vulnerability that allows an attack to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data …

SQL Injection Read More »

BEC phishing campaign 

Microsoft issues warning on BEC phishing campaign 

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud  A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials …

Microsoft issues warning on BEC phishing campaign  Read More »

iPhone iOS 16 lockdown mode

New iPhone Feature – Lockdown Mode for Security

Here’s what Lockdown Mode on your iPhone does:

Message Attachments are blocked, except for images.

If a website has a complex tech, like just-in-time (JIT) Javascript compilation, it will be disabled.

FaceTime calls, and other incoming invitations and service requests, from unknown callers are blocked.

Password Stuffing

Robert Half client accounts (Password Stuffing)

Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts   HR consulting firm Robert Half has started informing customers that their personal and financial information might have been compromised (password stuffing) after hackers targeted their RobertHalf.com accounts. Information provided by the company to the Maine Attorney General shows that threat actors targeted Robert …

Robert Half client accounts (Password Stuffing) Read More »