Suffolk Computer Consultants, Inc. Blog

You’ve more likely than not purchased a ticket through Ticketmaster at some point in your lifetime, so you might be interested to find out that Live Nation Entertainment—Ticketmaster’s parent company—has had to file an 8-K with the Security and Exchange Commission to admit that 1.3 terabytes of data had been hacked. The result is that more than 560 million customers’ personal information was stolen from company servers.

What happens when the tools designed to keep organizations safe from network breaches, are the victim of a cyberattack? After all, these tools are just applications, albeit sophisticated pieces of security software, they can run the risk of being exploited much in the same way any other software is. This is exactly what happened to cybersecurity giant Barracuda as it was the victim of a zero-day exploit. Let’s take a look at the hack and how you can protect your business from sharing the same fate.

Zero-day vulnerabilities are never fun, but this is especially the case with popular devices, like the many that use the Samsung Exynos modem. Google’s Project Zero has discovered 18 such vulnerabilities in these chips, four of which allow for remote code execution. Why should you be concerned about these vulnerabilities and what can you do to minimize your risk?

Log4j is a major vulnerability that has a widespread impact across a wide range of technology. We can’t stress how serious this is, and your business needs to take action right away.

Bad news—thanks to four flaws in Microsoft Exchange Server software, over 60,000 individuals and organizations have had their emails stolen by a cyberespionage unit based in China, with over 30,000 of those targeted being in the United States. Let’s review what has taken place up to the time of this writing, and what can be done about it.

Based on how the rest of the year has gone, it should come as no surprise that 2020 has come to an end with the news that the United States was targeted in the largest cyberespionage attack ever. Let’s go into what this attack signifies, and what we should all take away from it.

We’re always talking about the importance of keeping your software up to date. It is the very best way to avoid the vulnerabilities that can cause data breaches. When the Department of Homeland Security tells organizations to patch their software, however, it is urgent. This is exactly what has happened recently regarding the world’s most utilized Internet browser, Google Chrome.

Capital One is one of the largest credit card issuers in the world. On July 29th 2019, Capital One made an announcement, confirming it is the victim of one of the largest data breaches in financial sector history, as a former software engineer for Amazon has been indicted on charges related to the hacking.

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

Twitter is recommending that all 336 million users change their passwords as soon as possible due to the discovery of an internal security flaw. While the issue has been fixed and no data breach seems to have taken place, Twitter is clearly taking this situation seriously.

A major vulnerability has been discovered that affects everyone that uses Wi-Fi. Key Reinstallation Attack, or KRACK, affects the core encryption protocol that most Wi-Fi users depend upon to shield their browsing from others, Wi-Fi Protected Access 2 (WPA2).

Run your Windows Updates and be very skeptical about opening unsolicited emails. Failure to do so may result in a very dangerous strain of ransomware that could infect your entire network and spread to your clients, partners, and prospects.