Vigilant Technologies

04/22/2022

Happy Earth day!

Today is an ideal time to consider how the technology we use every day affects our environmental friendliness, whether it's a computer, phone, tablet, or gaming console.

Reminder to responsibly recently or dispose of any tech devices and keep our environment in mind when using and purchasing technology.

03/11/2022

2021 was a record year for the number of zero-day flaws in Chrome that attackers were exploiting before Google knew about them.

Adrian Taylor, a technical program manager on the Chrome Security Team, says in a recent blog post that the increase in zero-days "may initially seem concerning", but he argues it could be a good thing because it means more zero-days are being caught and fixed.

https://security.googleblog.com/2022/03/whats-up-with-in-wild-exploits-plus.html

Posted by Adrian Taylor, Chrome Security Team If you are a regular reader of our Chrome release blog , you may have noticed that phrases l...

02/14/2022

Adobe has released an emergency patch to tackle a critical bug that is being exploited in the wild.

Tracked as CVE-2022-24086, the vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible. The exploit does not require any administrator privileges to trigger. Adobe says the critical, pre-auth bug can be exploited in order to execute arbitrary code.

The patches can be downloaded and applied manually here:

https://support.magento.com/hc/en-us/articles/4426353041293-Security-updates-available-for-Adobe-Commerce-APSB22-12-

02/04/2022

Beware strange PowerPoint attachments that may appear in your inbox!

Cyber attackers are deploying emails with .ppam (PowerPoint) file attachments that can hide malware capable of rewriting Windows registry settings on targeted devices.

This campaign represents one of several stealthy ways that threat actors target desktop users via trusted applications. These emails can evade security detections and appear legitimate.

https://threatpost.com/powerpoint-abused-take-over-computers/178182/

Attackers are using socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines.

01/04/2022

Microsoft warns that Log4j attack levels remain high.

Log4Shell will likely take years to remediate because of how widely the error-logging software component is used in applications and services.

Stay Vigilant and ensure you continue to patch affected software.

https://www.zdnet.com/article/log4j-flaw-attacks-are-causing-lots-of-problems-microsoft-warns/

Organizations might not realize their environments are already compromised.

12/30/2021

2021 has been the year of cybersecurity issues. It's clear that cybersecurity was a major concern in 2021, and will continue to be a key concern for businesses going into the new year. Let's review the major cybersecurity incidents that took place throughout the year.

https://www.forbes.com/sites/emilsayegh/2021/12/28/2021-a-cyber-year-to-remember/?ss=cloud&sh=6c3ab84b4d00

One thing that seems certain for 2022 is that it will be even more essential than ever before to keep your guard up. We'll have new cybersecurity regulations further in place by then, which means there’s a higher likelihood of compliance issues with these rules.

12/23/2021

Happy Holidays from the Vigilant team! We hope you are enjoying this season safely with family and friends.

12/09/2021

🚨 New blog post! 🚨

We are all well aware of external threats to our organization, such as malware or hackers.

Are you aware of what internal threats are to your organization? Don't worry, we're here to break it down for you.

Click the link in our bio to read now!

12/07/2021

With more team members working from home, more devices are accessing your network, along with new technologies and tools being utilized to make at-home offices function properly.

This blurs the lines between the personal and professional use of devices. All of this points to a very real and potentially dangerous threat - an insider threat.

In our latest blog post, we cover what insider threats are, and how to spot and mitigate these attacks.

https://blog.vigilant1.com/insider-threats

Insider threats present a complex risk affecting the public and private domains of all critical infrastructure sectors. Learn how to spot a potential attack and how to mitigate it.

12/06/2021

Critical Security Warning - Over 150 models of HP printers are exposed to hacking attacks.

The most serious of the vulnerabilities could enable a remote attacker to execute code following a buffer overflow exploit. The researchers at F-Secure Labs highlighted several exploit examples, including tricking the target organization into visiting a malicious website.

https://lnkd.in/eNgm9MWc

Researchers reveal 'printing shellz' vulnerabilities impacting 150 HP printers: update your firmware now.

11/29/2021

Get hooked on good deals - don't get phished this holiday season!

Know how to avoid phishing and other scams this time of year by learning about the history of phishing, and current methods cybercriminals are using to target you.

https://blog.vigilant1.com/phishing-and-social-engineering

Phishing was the most common type cyberattack in 2020. In our latest blog we explore why phishing is so successful, and how to prevent employees from falling for it.