Late last week, Citrix warned that they had suffered a network breach. According to reports, the attackers made off with six terabytes of business documents. Since Citrix learned of the breach from external sources (Resecurity and the FBI), they’re still investigating the full impact of the breach, and whether or not it affects their customers or products. Watch today’s video … [Read more...]
Critical Cisco VPN Router Flaw – Security Byte
Recently, Cisco released a software update for a critical vulnerability in their Wireless-N VPN Routers. If you expose the management page remotely, an attacker can totally take over your router with a single web query. Researchers disclosed the flaw to Cisco six months ago and they just patched it last week. If you're a Cisco customer that uses this particular router, watch … [Read more...]
Exploit Kit Vulnerability Exposes C2s – Security Byte
Cobalt Strike is an exploit kit, similar to Metasploit but slightly less popular. Months ago, the researchers at Fox-IT noticed that a vulnerability in the exploit kit’s web server allowed them to track malicious command and control (C2) servers. In today’s video, learn more about the vulnerability in this semi-popular exploit kit, and how it allowed researchers to find and … [Read more...]
WinRAR Exploited in the Wild – Security Byte
WinRar, a popular compression program, suffered from a critical vulnerability that allows at attacker to execute code on your computer if you open a malicious archive file. Worse yet, attackers are exploiting this flaw in the wild, both in China and the Middle East. Watch the video below to learn about this new vulnerability and attack so that you don’t fall for a malicious RAR … [Read more...]
TurboTax Credential Stuffing – Security Byte
It’s getting close to tax time in the US, which means cyber criminals are targeting popular tax programs. Recently, Intuit, the creators of TurboTax, warned that attackers were trying to reuse stolen credentials to log into the popular online tax application. Whenever criminals steal password databases or credentials leak online, attackers commonly try to use these stolen … [Read more...]