Mobile360

22/03/2022

Breaking News: Employee credentials were stolen in a Cyberattack, according to NVIDIA.

NVIDIA disclosed this week that employee credentials were taken in a cyberattack and that the perpetrators have begun exposing the information online.

While the investigation into the incident is ongoing, NVIDIA says it has found no evidence of ransomware being deployed on its network.

Lapsus$, a well-known ransomware gang, claims to have stolen over a terabyte of data from NVIDIA. The data-extortion ring stated on a Telegram channel that it had begun publicly disclosing the stolen material.

Cyberattacks have expensive consequences, yet many boardrooms are still reluctant to free up the budget to invest in the cybersecurity protection necessary to avoid becoming the next victim.
Free up the budget to invest in cybersecurity protection as it poses potential expensive consequences and a crippled business if you don’t.

Prevention is better than cure…

Contact us: https://lnkd.in/dNvZ58f



Source: Security Week

22/03/2022

Must Read: Attackers gain root access due to a new Linux Bug in the Netfilter firewall module.

A recently reported security issue in the Linux kernel could be exploited by a local adversary to get elevated privileges on vulnerable systems, allowing them to execute arbitrary code, escape containers, or cause a kernel panic.

The vulnerability, tracked as CVE-2022-25636 (CVSS score: 7.8), affects Linux kernel versions 5.4 through 5.6.10 and is caused by a heap out-of-bounds write in the kernel's netfilter subcomponent.

This weakness allows a local attacker with a system user account to get access to out-of-bounds memory, potentially resulting in a system crash.

CVE-2022-25636 is a vulnerability caused by faulty handling of the framework's hardware offload feature, which might be exploited by a local attacker to cause a denial-of-service (DoS) or perhaps execute arbitrary code.

It is important to make sure that your personal information is protected through good quality cybersecurity. With our industry-leading global technology-based cybersecurity solutions, you can rest assured that your digital assets and information is protected. We are the only cybersecurity solutions provider worldwide that includes a free Cyber Breach Warranty with our solutions.

Contact us here: https://lnkd.in/dNvZ58f



Source: The Hackers News

22/03/2022

This is a great opportunity to have your day as a business owner/decision maker to what is important to you when making decisions regarding Information Technology…Help us to understand you better and in doing so, serve you better in the way you would expect..an just maybe you get that voucher besides the better service fit.

Time is running out to participate in our survey and to stand a chance to win a R2 000 Takealot Voucher.

Complete this 60-Second Survey on "The State of IT" and get your entry into the draw to win a R2 000 Takealot Voucher...

Access the survey here: https://bit.ly/3KM6vBv

21/03/2022

Breaking News: The latest outbreak of the Emotet Botnet has spread to over 100,000 computers.

The sinister Emotet botnet, which reappeared in November 2021 after a 10-month absence, is showing signs of continuous expansion, collecting a swarm of over 100,000 infected hosts for nefarious activities.

While Emotet has not yet reached its former size, the botnet has made a strong comeback, with around 130,000 unique bots dispersed across 179 countries since November 2021.

The malware first appeared in November 2021, using TrickBot as a delivery mechanism. TrickBot shut down its assault infrastructure late last month after several important members of the group were absorbed into the Conti ransomware cartel.

Emotet's botnet infrastructure is said to encompass nearly 200 command-and-control (C2) servers, with most of the domains located in the U.S.

The spread and expansion of bots is a key measure of Emotet's progress in reconstructing its once-vast infrastructure. Each bot represents a potential entry point into a sought network, as well as a possibility to launch Cobalt Strike or be promoted to a Bot C2.

Speak to us about a solution that can truly protect your users, endpoints and your organisation...and by this we mean, not through the use of the free cybersecurity add-ons to another core software purchase where cybersecurity likely isn’t within the core focus area of the provider.

Contact us now: https://lnkd.in/dNvZ58f



Source: The Hackers News

19/03/2022

Must Read: A new Spectre variant overcomes Intel and Arm hardware mitigation strategies.

A team of researchers has developed a new Spectre attack version that can bypass hardware mitigation strategies implemented in previous years by Intel and Arm.

Researchers have continued to investigate the security of processors since the publication of the Spectre and Meltdown vulnerabilities in January 2018. They have discovered various new side-channel attack methods. These approaches often allow an attacker with public access to the targeted machine to get small amounts of potentially sensitive data from memory.

When the Spectre flaw was discovered, the most serious variation was dubbed Spectre v2 or Spectre BTI (Branch Target Injection).

Intel has issued an advisory and a technical document explaining the new vulnerabilities, which are classified as CVE-2022-0001 and CVE-2022-0002, respectively. The flaws have been accorded a "medium" severity rating.

The vulnerability, identified as CVE-2021-26341, is caused by the unpredictable behaviour of instructions and might result in data leakage. AMD has issued a CVE-2021-26341 alert, as well as a white paper outlining software solutions for limiting speculation on their chips.

No matter the size of your organisation, it's only a case of WHEN, not IF, before you are attacked, and we often find that businesses have been breached months before they even realise it. Prevention is better than cure. We offer cybersecurity solutions to suit the needs and budget of any size business.

Safeguard your business against cyber-attacks now before it is too late.

Contact us now: https://lnkd.in/dNvZ58f



Source: Security Week

19/03/2022

Complete this 60-Second Survey on "The State of IT" and stand a chance to win a R2 000 Takealot Voucher...

Access the survey here: https://bit.ly/3KM6vBv

18/03/2022

A Buyers Guide for Selecting the Best Endpoint Management Solution. Download the free eBook now: https://sales.ts.thuthukani.com/buyers-guide-to-best-endpoint-management-solution

17/03/2022

16/03/2022

BREAKING NEWS: Adobe addresses ‘critical’ security flaws in Illustrator and After Effects.

Adobe released urgent security upgrades on Tuesday to address code ex*****on vulnerabilities in its widely used Illustrator and After Effects programs.

The most serious of the vulnerabilities were addressed in Adobe Illustrator, the popular vector graphics design program available for both macOS and Windows systems.

Adobe categorized the Illustrator problem as "critical" with a CVSS base score of 7.8 in an advisory. The CVE-2022-23187 flaw is a buffer overflow that affects Illustrator 2022 version 26.0.3 (and older versions) on both Windows and macOS platforms. Users are highly encouraged to upgrade to Illustrator 2022 version 26.1.0.

A third Adobe alert discusses a single memory leak vulnerability in Adobe Photoshop. The Photoshop problem, rated "important," is available on both macOS and Windows platforms. Adobe stated that it has no evidence that any of these flaws had been exploited in the wild prior to the release of patches.

Data is the fuel of IT; without data, you cannot run a business. Cyber-attacks are becoming increasingly aggressive and hackers will try any avenue possible to obtain data and to breach systems. Always ensure patches are up to date and remember this doesn’t have to be a daunting task, it can be automated with our AgentX solution.

Contact us here: https://lnkd.in/dNvZ58f



Source: Security Week