🔐 How to create an encrypted vault with KDE Vaults 🔐

If you're looking for a way to seamlessly work with encryption on the desktop, give KDE vaults a try.

📖 Read

via "Security on TechRepublic".

<b>&#10068; Ransomware attacks through Remote Access is on rise. Secure your system now!! &#10068;</b>

<code>Estimated reading time: 4 minutesOnce again ransomware attacks are on the rise and this can leave your systems vulnerable to critical data loss and breach. In fact, the recent outbreak of ransomware allows cyber criminals to easily gain access to your computer through Remote Desktop using brute-force technique, which is capable of cracking weak passwords. With this post, we wish to help you with essential steps and corrective measures you can take, to protect your computer(s) against ransomware and RDP brute-force attacks. However, before we get into the steps to follow, it can be helpful to get a brief understanding about RDP Brute-Force attacks first. What is RDP Brute Force Attack? A RDP brute-force attack is basically a kind of ransomware attack that makes use of Remote Desktop Protocol (RDP). Attackers scan a list of IPs to find the default RDP port 3389 that is open for connection. Once the port is discovered, the attacker launches the brute-force attack. This is basically a trial & error technique of User ID and password guessing, where the attacker tries a series of commonly used credentials, common word combinations and dictionary words to break through weak passwords. To make things easier for attackers, there are numerous tools readily available that can perform these RDP brute forcing and port scanning with ease. Once attackers gain access, all they have to do is to disable your system’s antivirus (even if updated) and infect your system. Fortunately, Quick Heal products comes with a security feature that can protect your system against such brute-force attacks. We have already released an update to modify rule in Quick Heal’s Firewall that automatically turns off your RDP connections for security reasons and you are sorted. This will discourage hackers from remotely accessing your system. With the update already released, there can be 2 possible case scenarios: Case #1 I do not wish to use RDP If you already have Quick product installed on your system, then you have absolutely nothing to worry about. Quick Heal’s Firewall Protection Feature can effectively block RDP attempt. As we have already rolled out an update to disable RDP connection, if your Quick Heal product’s virus database version is 25th October or later, be assured that you are already protected from RDP attacks.   *In case of any queries, feel free to call us on our toll-free no. 1800-121-7377 and our support engineers would be glad to help you with the issue. You may also visit http://bit.ly/QHChat to chat with us online. Case #2 I want to continue using RDP Just in case, it is essential for you to continue using RDP, but at the same time you wish to ensure its security, then you can manually configure the Firewall Protection Feature to configure RDP connection with the help of following steps: Open Quick Heal Dashboard => Select Internet and Network => Firewall Protection=> Advanced Settings – Configure=> Traffic Rules.               In the Traffic rule window, click on Add for adding an exception. Give any Name for the rule e.g. Remote Desktop and select Next In the ‘Local IP Address’ screen, no changes are to be made, just click ‘Next’ In the Local TCP/UDP Port window enter the RDP port in the Specific port option and click Next. By default the RDP port is 3389. Mention the same if you have not changed it. In the Remote IP Address enter the IP address of the system from which you would want to accept RDP connections. It is recommended to configure IP address from which RDP connections are to be allowed. However, if you do not wish to restrict access to specific IP address, select ‘Any IP Address’ and click Next. If you wish to restrict access to range of IP addresses, select ‘IP Address Range’ and specify IP address here. Eg. 192.168.0.1 to 192.168.0.255. Select Next for the Remote TCP/UDP port Select an action to be taken as ‘Allow’ in the…

🔐 How information security and cyber tactics has evolved 🔐

Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the development of cyber tactics with CNET's Dan Patterson.

📖 Read

via "Security on TechRepublic".

🔐 How information security and cyber tactics has evolved 🔐

Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the development of cyber tactics with CNET's Dan Patterson.

📖 Read

via "Security on TechRepublic".

🔐 How Colorado voting became a cybersecurity leader long before Russians tried to hack it 🔐

Colorado offers extensive election official cybersecurity training, paper ballots, and a strong auditing system, giving it top marks in election security.

📖 Read

via "Security on TechRepublic".

ATENTION‼ New - CVE-2017-18124

During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

📖 Read

via "National Vulnerability Database".

🕴 3 Keys to Reducing the Threat of Ransomware 🕴

Following these steps could mean the difference between an inconvenience and a multimillion-dollar IT system rebuild -- for the public and private sectors alike.

📖 Read

via "Dark Reading: ".

🕴 FTC Offers Small Businesses Free Cybersecurity Resources 🕴

Cybersecurity for Small Businesses campaign kicks off.

📖 Read

via "Dark Reading: ".

🔐 Why 5G (and even 6G) could put your business at risk for a cyberattack 🔐

The next generation of wireless networking standards could leave critical security gaps open, according to University of Dundee research.

📖 Read

via "Security on TechRepublic".

❌ DemonBot Fans DDoS Flames with Hadoop Enslavement ❌

An unsophisticated but effective botnet is targeting exposed cloud servers and racking up millions of infections.

📖 Read

via "The first stop for security news | Threatpost ".

❌ British Airways Data Breach Takes Off Again with 185K More Victims ❌

The news comes on the heels of a breach at Cathay Pacific exposing 9.4 million people.

📖 Read

via "The first stop for security news | Threatpost ".

🕴 DeepPhish: Simulating Malicious AI to Act Like an Adversary 🕴

How researchers developed an algorithm to simulate cybercriminals' use of artificial intelligence and explore the future of phishing.

📖 Read

via "Dark Reading: ".

❌ PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware ❌

Microsoft has been notified, but no patch is yet available.

📖 Read

via "The first stop for security news | Threatpost ".

🕴 British Airways: 185K Affected in Second Data Breach 🕴

The carrier discovered another breach while investigating its largest-ever data breach, disclosed in September.

📖 Read

via "Dark Reading: ".

❌ ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach ❌

A full 21 percent of survey respondents would walk away from a business permanently after a major hack.

📖 Read

via "The first stop for security news | Threatpost ".

🔐 Dark Web: A cheat sheet for business professionals 🔐

Nefarious profiteers use the encrypted internet to sell stolen data, drugs, and weapons. Facebook and the UN use it to protect dissidents and journalists. This guide shines a light on the Dark Web.

📖 Read

via "Security on TechRepublic".

⚠ Researchers exploit Microsoft Word through embedded video ⚠

A group of researchers has found a way to infect computers via Word documents without triggering a security warning.

📖 Read

via "Naked Security".

🔐 Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy 🔐

More than 85% of companies have experienced a cyber breach in the past three years, according to an A.T. Kearny report.

📖 Read

via "Security on TechRepublic".

⚠ Monday review – the hot 22 stories of the week ⚠

From a popular WordPress plugin harbouring a zero-day to punishments for phone-slowing Apple and Samsung, and all the stories in between. Catch up with everything we've written in the last seven days - it's weekly roundup time.

📖 Read

via "Naked Security".

⚠ Call of Duty players caught up in cryptocurrency theft racket ⚠

The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.

📖 Read

via "Naked Security".

⚠ “Right to repair” gets a boost from new DCMA software rules ⚠

It just got easier for owners of a wide range of home devices to hack and repair their software.

📖 Read

via "Naked Security".