Posts By: Michael

ZLoader is a popular malware among hackers, and has recently been used to steal user credentials and other sensitive information by exploiting a vulnerability in Microsoft’s digital signature verification. So how does this affect you?  Microsoft’s signature verification tool Authenticode is used to ensure that a file is legitimate and trustworthy. Researchers at Check Point… Read more »

Ransomware Hits Virginia General Assembly On December 12th, ransomware struck the Virginia General Assembly, targeting the Legislative Automated Systems branch. This department, the IT arm of the state legislature, manages tasks like publishing, computer technology, and legislative information. Upon discovering the attack, the department quickly shut down most servers to contain the spread. A top… Read more »

The Log4Shell Exploit On December 9, 2021, a zero-day exploit targeting Log4j, an open-source logging tool, came to light. Log4j helps programs track application errors. The exploit, called Log4Shell, impacts thousands of systems globally, including those of major vendors like Cisco, VMware, Twitter, Amazon, Google Cloud, IBM, and Microsoft. Hackers have likely exploited this vulnerability… Read more »

If you own a smart device—or expect to receive one this holiday season—you may be worried about its security. Devices from Apple, Amazon, and Google offer convenient ways to access information or communicate. However, these companies have faced criticism for recording and reviewing voice data without users’ consent. A bit of skepticism is reasonable. In… Read more »

In the past few weeks, hundreds of WordPress sites have experienced an onslaught of ransomware attacks. The hackers implement encryption notices and demand a ransom of 0.1 Bitcoin, which equates to roughly $5,500 dollars.   The hackers include a countdown timer and tell the website owners that they will delete their entire website, which for a… Read more »

The Transportation Security Administration (TSA) recently announced that it will soon implement new cybersecurity requirements on the railroad and airline industries. To many, this comes as no surprise, as critical infrastructure has been subject to a slew of high-profile cybersecurity attacks this past year. The new directives will all but waive existing voluntary cybersecurity measures… Read more »

Many cybersecurity experts are now warning of a new ware called killware. Unlike ransomware and malware, which primarily aim to gain money and access to sensitive data, killware’s aim is to take lives. Authorities warn that these types of attacks could impact hospitals, transportation, law enforcement agencies, banks, and even the water supply. Hospitals specifically… Read more »

In early October, an anonymous 4chan user posted a 125GB torrent link to the 4chan site containing breached data from the popular streaming platform Twitch. The hacker claimed that the intent of the leak was to “foster more disruption and competition in the online video streaming space”, suggesting that the breach was driven by spiteful… Read more »

Cybersecurity Awareness Month 2021: Week 3 Last week, we discussed email phishing and the red flags you need be aware of. This common yet effective method of harvesting personal data laid the foundation for attacks that target mobile devices. Though many people are aware of phishing email campaigns, not the same can be said about… Read more »