Recently, vulnerabilities in SMS-based multi-factor authentication (MFA) have been highlighted in the news. While stories like these highlight individual instances showing the threat possibilities, a recent study on SIM swaps sheds light on how easy an adversary could take over your phone number. Using no previous knowledge of the user besides the name and phone number of the … [Read more...]
Pandora’s Box of Processor Vulnerabilities is Open – Now What?
Security researchers shook the industry to its core back in 2018 when they disclosed Meltdown and Spectre, two serious vulnerabilities found in virtually every computer processor. Pandora's box of processor security vulnerabilities had just been opened. One of the scariest parts is that these types of vulnerabilities are far more dangerous and effective when attackers use them … [Read more...]
Microsoft Patch Tuesday; Critical RDP & Important CryptoAPI Updates
If you use modern-day Microsoft software products as a standard end user or a Windows Server administrator and use Remote Desktop Protocol (RDP) in any fashion or use any software programs that utilize CryptoAPI, I strongly recommend you patch right away! The Cybersecurity and Infrastructure Security Agency (CISA) released an alert about three critical RDP patches and an … [Read more...]
Mobile Security and IMSI-Catchers
While reading some security articles, one headline in particular stood out and piqued my interest – Do you use burner phones during business travel? Here’s how you can be targeted. Personally, I am super into mobile and wireless security in general. This includes cellular/mobile networks and even just standard IP-based networking. The events going on behind the scenes with … [Read more...]
TikToks banned by the Army, but is it safe?
As reported by Military.com, the Army recently banned the app TikTok from use on phones. "It is considered a cyber threat," Lt. Col. Robin Ochoa, a spokeswoman for the Army said in the Military.com article. This comes after Sen. Chuck Schumer of New York and Sen. Tom Cotton of Arkansas, both members of the Armed services intelligent committee, requested an investigation of the … [Read more...]
