Our centralized distribution management system is a Cloud ERP with high-tech features to help companies manage and monitor end-to-end distribution networks and optimize logistics operations. The system integrates dedicated modules with company’s sales and financials to reduce process times, improve customer support, and eliminate unnecessary costs.
Deal with an industry-specific application designed for high-volume wholesale distributors to improve efficiency, gain tighter control, and reduce manual work.
Integrate warehouse backend system into various mobile devices to optimize accuracy & security, and gain smoother distribution control from any place, anytime.
Generate reports on important metrics in real-time, including perpetual & physical inventory, order processing, purchase, inventory location, stored items, cost, logistics, and more.
Our software manages all aspects of Pet Cremation and Pet Burial Processes all over the world. Our powerful technology app is available for configuration to match retail, hospital, and clinic business operations. It can be integrated into any mobile device to manage, invoice, and track pet crematory.
Manage and automate all tasks revolving around pet burials, including phone consultation, intaking, processing, route management, vet finder, and body disposal.
Systematize the manual cremation operation for companies engaged in the pet cremation marketplace to optimize performance and improve customer satisfaction.
Track various hazardous waste boxes through Medical Waste process, from drop-off through to the treatment process; modules include barcodes, report, pricing, mass entry, & box tracking.
The rental suite is a real-time solution that helps rental clients improve visibility across multiple locations with order bookings, inventory, fleet, accounts, customers, and web presence. Our solution improves traditional retail processes & boost managerial efficiency by streamlining and integrating all elements of single & multi-store management. We combine core retail activities in one operational hub and allow data access anywhere, anytime to help you provide customers an multiple-channel experience. The application overcomes the traditional stock sales since merchandize comes back to the warehouse – the easy process of bringing back stock via barcodes boosts clients’ efficiencies.
Our Transportation Management System, Load-Logix, powered by Oracle, is a logistics industry-specific software application that optimizes the operations of carrier and logistics brokers by automating their internal processes, such as load data entry and re-entry, payroll and invoicing, communication, and load tracking & management, in real-time. It also allows integration with enterprise level accounting apps, business analytics, reporting, and offers an exceptional truck board map that helps finding return loads after current load is dropped off.
Manages drivers & load in real-time for carrier borkers to boost customer service and route deliveries, reduce fuel consumption, and minimize travel time and distance.
Get accomplished feature list, including multiple domains, email recall, & aliases with A+ support.
Learn More
Develop & manage agile IT infrastructures through hi-tech cloud-based IT-managed services.
Learn More
Get end-to-end hosting solutions to enjoy a non-chaotic working environment day after day.
Learn More
Hire IT support team for your short-time projects without any obligations or heavy investments.
Learn More
No more call drops, costly international calls, & inaudible voices with robust custom telephonies.
Learn More
We ensure your critical data, cloud infra, and hardware continue to work despite failures.
Learn More
We implement full-stack cloud infra and monitoring delivered by USA’s leading cloud partners.
Learn More
Work with Cisco & Microsoft-certified engineers to build, design, and reconfigure robust networks.
Learn More
NGAV effective prevention technology, powered by built in threat intelligence & quick response.
Learn More
QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability allowing remote attackers to inject malicious code on QNAP NAS devices. “A vulnerability has been reported to affect QNAP devices running QTS 5.0.1 and QuTS hero h5.0.1. If exploited, this vulnerability allows remote attackers to inject malicious code,’ warns […]
Learn More
Microsoft has started the forced rollout of Windows 11 22H2 to systems running Windows 11 21H2 that are approaching their end-of-support (EOS) date on October 10, 2023. Redmond is regularly initiating automatic feature updates to ensure that it can continue to service these devices near their EOS date and to provide them with the latest […]
Learn More
Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. Apple said that the flaw discovered by Clément Lecigne of Google’s Threat Analysis Group allows maliciously crafted webpages to perform arbitrary code execution (and likely gain access to sensitive information) on vulnerable devices. Attackers can successfully exploit this flaw […]
Learn More
A new Android malware named ‘Hook’ is being sold by cybercriminals, boasting it can remotely take over mobile devices in real-time using VNC (virtual network computing). The new malware is promoted by the creator of Ermac, an Android banking trojan selling for $5,000/month that helps threat actors steal credentials from over 467 banking and crypto apps […]
Learn More
PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks that exposed some personal data. Credential stuffing are attacks where hackers attempt to access an account by trying out username and password pairs sourced from data leaks on various websites. Credential stuffing targets users that employ the […]
Learn More
Microsoft has acknowledged a new bug affecting some Windows 11 applications triggering launch issues and causing them to display errors after a system restore. The company said that “after running a System Restore to a previous restore point on a device that is running Windows 11, version 22H2, some Windows applications that use the MSIX […]
Learn More
While many people love the new interface in Windows 11, others prefer the old look and feel of Windows 10, or at least some of the features that are now missing in the newer operating system. Thankfully, numerous apps are available to get your Windows 11 experience customized how you like while removing unwanted bloatware […]
Learn More
Microsoft warned customers today that Exchange Server 2013 will reach its extended end-of-support (EOS) date 90 days from now, on April 11, 2023. Exchange Server 2013 was released in January 2013 and has already reached the mainstream end date more than four years ago, in April 2018. After the extended EOS date is reached, Microsoft will no longer provide technical […]
Learn More
Today is Microsoft’s January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws. This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as ‘Critical.’ Microsoft gave the vulnerabilities this severity rating as they […]
Learn More
Starting today, WhatsApp allows users to connect via proxy servers due to Internet shutdowns or if their governments block the service in their country. The new proxy support option is available to all users running the latest WhatsApp iOS and Android applications. WhatsApp said that connecting through a proxy will maintain the messages’ privacy and security as they will […]
Learn More
Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered internally by Synology’s Product Security Incident Response Team (PSIRT) in the VPN Plus Server software and was given a maximum CVSS3 Base Score of 10 by the company. VPN Plus […]
Learn More
A previously unknown Linux malware has been exploiting 30 vulnerabilities in multiple outdated WordPress plugins and themes to inject malicious JavaScript. According to a report by antivirus vendor Dr. Web, the malware targets both 32-bit and 64-bit Linux systems, giving its operator remote command capabilities. The main functionality of the trojan is to hack WordPress sites using a set of […]
Learn More
Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible. The flaw impacts multiple Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. Although Netgear did not disclose any information about the component affected by this bug or […]
Learn More
Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products. Among the products impersonated in these campaigns include Grammarly, MSI Afterburner, Slack, Dashlane, Malwarebytes, Audacity, μTorrent, OBS, Ring, AnyDesk, Libre Office, Teamviewer, Thunderbird, and Brave. The threat actors the clone official websites of the above […]
Learn More Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000 websites. YITH WooCommerce Gift Cards Premium is a plugin that website operators to sell gift cards in their online stores. Exploiting the vulnerability, tracked as CVE-2022-45359 (CVSS v3: 9.8), allows unauthenticated attackers to upload files to vulnerable sites, […]
Learn More
LastPass, a password manager with over 25 million users, gave more details about the latest breach into the company’s systems. The firm claims users’ personal data or master passwords were not affected – yet researchers are worried. In a blog post, Karim Touba, Chief Executive of LastPass, once again confirmed that a threat actor had […]
Learn More An Android banking malware named ‘Godfather’ has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges. The malware generates login screens overlaid on top of the banking and crypto exchange apps’ login forms when victims attempt to log in to the site, tricking the […]
Learn More Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. The attackers used malicious standalone JavaScript files to exploit the CVE-2022-44698 zero-day to bypass Mark-of-the-Web security warnings displayed by Windows to alert users that files originating from the Internet should be treated […]
Learn More Today is Microsoft’s December 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities, including an actively exploited bug, and a total of 49 flaws. Six of the 49 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote code execution, one of the most severe types of vulnerabilities. The number […]
Learn More Microsoft is finally adding a built-in screen recorder to Windows 11 through the Snipping Tool, enabling users to capture videos of their desktop without the need for a third-party app. The update is being pushed as part of a phased roll-out to Windows Insiders in the Dev Channel and will be available once Snipping Tool […]
Learn More
Microsoft is working to address a new known issue affecting apps using ODBC database connections after installing the November 2022 Patch Tuesday Windows updates. According to Redmond, affected apps might fail to connect to databases via connections using the Microsoft ODBC SQL Server driver. “After installing this update, apps that use ODBC connections through Microsoft ODBC […]
Learn More A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. The apps were discovered by Dr. Web antivirus and pretend to be useful utilities and system optimizers but, in reality, are the sources of performance hiccups, ads, and user experience degradation. One app illustrated by […]
Learn More LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022. The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service. “We recently detected unusual activity within a third-party cloud storage service, which is currently shared by […]
Learn More Windows 11 may soon show a system tray indicator notifying when your computer is connected to a VPN, allowing users wishing to browse anonymously to ensure they are connected. With your online data treated as a commodity, many users have started to use VPN services to hide their identity while browsing the web, streaming movies, […]
Learn More
Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year. “Google is aware that an exploit for CVE-2022-4135 exists in the wild,” reads the update notice. As users need time to apply the security update on their Chrome installations, […]
Learn More Microsoft has tagged Windows 10, version 22H2 (aka the Windows 10 2022 Update) for broad deployment, thus making it available to everyone via Windows Update. The announcement comes one month after this version was officially released on October 22 and almost four months after Microsoft released a preview version for enterprise testing on July 28. “If you have an […]
Learn More An information-stealing Google Chrome browser extension named ‘VenomSoftX’ is being deployed by Windows malware to steal cryptocurrency and clipboard contents as users browse the web. This Chrome extension is being installed by the ViperSoftX Windows malware, which acts as a JavaScript-based RAT (remote access trojan) and cryptocurrency hijacker. However, in a new report today by Avast, researchers […]
Learn More
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings. When files are downloaded from an untrusted remote location, such as the Internet or an email attachment, Windows add a special attribute to the file called the Mark of the Web. When a user […]
Learn More Microsoft has released this month’s optional KB5020030 Preview cumulative update for all editions of Windows 10 20H2, 21H1, 21H2, and 22H2. Today’s update comes with ten bug fixes and enhancements, including fixes for persistent Microsoft Store update failures and an issue causing Direct3D 9 (D3D9) to crash when using Microsoft Remote Desktop. The KB5020030 cumulative […]
Learn More A new Chrome browser botnet named ‘Cloud9’ has been discovered in the wild using malicious extensions to steal online accounts, log keystrokes, inject ads and malicious JS code, and enlist the victim’s browser in DDoS attacks. The Cloud9 browser botnet is effectively a remote access trojan (RAT) for the Chromium web browser, including Google Chrome […]
Learn More Today is Microsoft’s November 2022 Patch Tuesday, and with it comes fixes for six actively exploited Windows vulnerabilities and a total of 68 flaws. Eleven of the 68 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow privilege elevation, spoofing, or remote code execution, one of the most severe types of vulnerabilities. […]
Learn More
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The company discovered the attackers breached the account on October 14 when GitHub notified it of suspicious activity that started one day before the alert was […]
Learn More
The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections. The vulnerabilities (CVE-2022-3602 and CVE-2022-3786) affect OpenSSL version 3.0.0 and later and have been addressed in OpenSSL 3.0.7. CVE-2022-3602 is an arbitrary 4-byte stack buffer overflow that could trigger crashes or lead to remote code execution (RCE), while CVE-2022-3786 can be […]
Learn More
Microsoft has released out-of-band updates to address a known issue causing OneDrive and OneDrive for Business to crash after installing recent Windows 10 updates. The issue occurs when signing out or unlinking OneDrive accounts or sites and folders from Microsoft Teams and SharePoint. “After installing KB5018410 or later updates, OneDrive might unexpectedly close,” Affected users […]
Learn More Google has released an emergency security update for the Chrome desktop web browser to address a single vulnerability known to be exploited in attacks. The company doesn’t provide many details about the vulnerability for security reasons, allowing Chrome’s user base enough time to update the web browser to version 107.0.5304.87/88, which addresses the problem. “Access to bug […]
Learn More In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. Apple revealed in an advisory today that it’s aware of reports saying the security flaw “may have been actively exploited.” This can result in data corruption, application crashes, or code execution […]
Learn More
A bug in Microsoft Office 365 Message Encryption (OME) could expose email content to threat actors. WithSecure, formerly known as F-Secure Business, released advisory warning organizations of a security flaw in OME and emphasized that there’s no patch currently available to fix the bug. OME utilizes the Electronic Codebook (ECB) implementation – a mode of […]
Learn More Microsoft has released the long-awaited Windows 11 tabbed File Explorer, Suggested Actions, Taskbar Overflow features, and Task Manager quick-access features in a new preview cumulative update. Microsoft has released the Windows 11 KB5019509 preview cumulative update to enable new features that were not ready when 22H2 was released. Microsoft says that they will start to roll […]
Learn More Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting local administrator accounts via a group policy. Microsoft added this policy as they say Windows does not currently apply Account Lockout policies to “local administrators,” allowing threat actors to repeatedly brute force passwords […]
Learn More Microsoft’s October 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 84 flaws. Thirteen of the 84 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow privilege elevation, spoofing, or remote code execution, one of the most severe types of vulnerabilities. The number of bugs in each […]
Learn More
Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the administrative interface that enables remote threat actors to log into FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management instances. “An authentication bypass […]
Learn More Microsoft has confirmed a new known issue causing customers to experience a significant performance hit when copying large files over SMB after installing the Windows 11 22H2 update. While Redmond hasn’t shared how much longer such file operations will take on affected systems, user reports say that the amount of time needed could more than double in […]
Learn More WhatsApp issued patches for two remote code execution (RCE) flaws. CVE-2022-36934 scored 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS), and CVE-2022-27492 scored 7.8 (high severity.) The exploitation of CVE-2022-36934 could lead to an integer overflow in WhatsApp for Android, resulting in RCE in an established video call. Versions affected by the […]
Learn More
A new Android spyware named ‘RatMilad’ was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. The RatMilad spyware was discovered by mobile security firm Zimperium who warned that the malware could be used for cyber espionage, extortion, or to eavesdrop on victim’s conversations. “Similar to other mobile spyware […]
Learn More Security researchers have discovered a malicious campaign by the ‘Witchetty’ hacking group, which uses steganography to hide a backdoor malware in a Windows logo. Using the Windows logo against you In this campaign, the hackers refreshed their toolkit to target different vulnerabilities and used steganography to hide their malicious payload from antivirus software. Steganography is […]
Learn More Russian telecom watchdog Roskomnadzor demanded explanations today from Apple regarding the removal of all VK apps, including the app for the country’s largest social network VKontakte, from its App Store on Monday. Two of the apps removed from the Apple Store, the VKontakte social network application and the Mail.ru mail app, are included on the […]
Learn More
Security researchers have discovered 75 applications on Google Play and another ten on Apple’s App Store engaged in ad fraud. Collectively, they add to 13 million installations. Apart from flooding mobile users with advertisements, both visible and hidden, the fraudulent apps also generated revenue by impersonating legitimate apps and impressions. Researchers from HUMAN’s Satori Threat […]
Learn More
Microsoft is investigating a known issue affecting Outlook for Microsoft 365 users and preventing them from creating Teams meetings using the app’s ribbon menu. The Teams Meeting add-in, as its name says, can be found in the Calendar view and it enables Outlook users to schedule a Teams meeting from Outlook. This issue occurs because the Teams Meeting add-in for Outlook becomes […]
Learn More Windows 11 version 22H2 is arriving soon and it won’t be a massive release, but there will be several quality improvements and bug fixes. Microsoft has already confirmed the features coming to Windows 11 with version 22H2 and users can test them by joining the Windows Insider Program. One of the new features is the […]
Learn More Microsoft’s September 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 63 flaws. Five of the 63 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote code execution, one of the most severe types of vulnerabilities. The number of bugs in each vulnerability […]
Learn More
HP issued a security advisory alerting users about a newly discovered vulnerability in HP Support Assistant, a software tool that comes pre-installed on all HP laptops and desktop computers, including the Omen sub-brand. HP Support Assistant is used to troubleshoot issues, perform hardware diagnostic tests, dive deeper into technical specifications, and even check for BIOS […]
Learn More
The Mirai malware botnet variant known as ‘MooBot’ has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits. MooBot was discovered by analysts at Fortinet in December 2021, targeting a flaw in Hikvision cameras to spread quickly and enlist a large number […]
Learn More Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw, the sixth Chrome zero-day exploited in attacks patched this year. This new version is rolling out in the Stable Desktop channel, with Google saying that it will reach the entire user base within a matter of days […]
Learn More
Threat analysts at McAfee found five Google Chrome extensions that steal track users’ browsing activity. Collectively, the extensions have been downloaded more then 1.4 million times. The purpose of the malicious extensions is to monitor when users visit e-commerce website and to modify the visitor’s cookie to appear as if they came through a referrer link. For this, the authors […]
Learn More Apple has released new security updates to backport patches released earlier this month to older iPhones and iPads addressing a remotely exploitable WebKit zero-day that allows attackers to execute arbitrary code on unpatched devices. This zero-day vulnerability is the same one Apple patched for macOS Monterey and iPhone/iPad devices on August 17, and for Safari on August 18. The flaw is tracked as CVE-2022-3289 and is an out-of-bounds […]
Learn More Microsoft has released the optional KB5016691 Preview cumulative update for Windows 11 with 22 fixes or improvements. This Windows 11 cumulative update is part of Microsoft’s August 2022 monthly “C” update, allowing users to test upcoming fixes coming in the September 2022 Patch Tuesday. As preview updates do not contain security fixes, they are optional […]
Learn More Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company’s source code and proprietary technical information. After sending questions about the attack, LastPass released a security advisory today confirming that it was breached through a compromised developer account that hackers used to access the company’s developer environment. While LastPass […]
Learn More
State-sponsored Iranian hacking group Charming Kitten has been using a new tool to download email messages from targeted Gmail, Yahoo, and Microsoft Outlook accounts. The name of the utility is Hyperscraper and like many of the threat actor’s tools and operations, it is far from sophisticated. But its lack of technical complexity is balanced by […]
Learn More
A new batch of thirty-five malware Android apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims’ mobile devices. The apps were found by security researchers at Bitdefender, who employed a real-time behavior-based analysis method to discover the potentially malicious applications. Following standard […]
Learn More Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Zero-day vulnerabilities are security flaws known by attackers or researchers before the software vendor has become aware or been able to patch them. In many cases, zero-days have public proof-of-concept exploits or are actively […]
Learn More Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including a zero-day flaw that is being exploited in the wild. The security update is currently rolling out for Windows, Mac and Linux. Users who have automatic updates turned on should receive it in the coming days/weeks. Few details on […]
Learn More
Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. VNC (virtual network computing) is a platform-independent system meant to help users connect to systems that require monitoring and adjustments, offering control of a remote computer via […]
Learn More
Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads. Vendor-specific bootloaders used by Windows were found to be vulnerable while the status of almost a dozen others is currently unknown. Threat actors could exploit […]
Learn More Microsoft’s August 2022 Patch Tuesday, and with it comes fixes for the actively exploited ‘DogWalk’ zero-day vulnerability and a total of 121 flaws. Seventeen of the 121 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote code execution or elevation of privileges. The number of bugs in each vulnerability category is listed […]
Learn More
Microsoft is rolling out a new update to the Microsoft Edge Stable Channel over the coming days to improve the web browser’s security defaults when visiting less popular websites. Starting with version 104.0.1293.47, Edge will toggle on the “Basic” level of security when the “Enhance your security on the web” optional browsing mode is enabled […]
Learn More Microsoft has confirmed that the next version of Windows 10 is “version 22H2,” which is slated to start rolling out later this year as a feature update. Microsoft has already begun testing the new Windows 10 22H2 version in the Windows Insider Release preview channel, allowing both consumers and the enterprise to test its new feature before […]
Learn More Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several file types threat actors have recently adopted to infect targets with malware in phishing attacks. “Windows 11 with smart app control blocks iso and lnk files that have mark of the web just […]
Learn More
Microsoft has announced a new security product allowing security teams to spot Internet-exposed resources in their organization’s environment that attackers could use to breach their networks. The focus is on unmanaged or unknown assets added to the environment after mergers or acquisitions, created by shadow IT, missing from inventory due to incomplete cataloging, or left […]
Learn More Microsoft says the Outlook email client will crash when opening and reading emails with tables such as Uber receipt emails. “When opening, replying, or forwarding some emails that include complex tables, Outlook stops responding,” the company explains in a support document. To make matters worse, emails with the same table contents will also cause the […]
Learn More A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices. The apps pose as image-editing tools, virtual keyboards, system optimizers, wallpaper changers, and more. However, their underlying functionality is to push intrusive ads, subscribe users […]
Learn More
Microsoft has reminded customers once again that Windows Server, version 20H2, will be reaching its End of Service (EOS) in less than a month, on August 9. This reminder follows two other warnings since May 2022 that this Windows Server version will reach its mainstream support end date for Standard Core and Datacenter Core users. “On August 9, […]
Learn More Recent Windows 11 builds come with the Account Lockout Policy enabled by default which will automatically lock user accounts (including Administrator accounts) after 10 failed sign-in attempts for 10 minutes. The account brute forcing process commonly requires guessing the passwords using automated tools. This tactic is now blocked by default on the latest Windows 11 builds (Insider […]
Learn More
Today is the deadline for Android developers to populate Google’s new Data Safety section in the Play Store. The policy update requires all Android app developers to declare how they collect and handle user data for the apps they publish on Google Play by July 20. Nonetheless, Google apparently will use the new safety feature to replace the […]
Learn More Google has sped up the rollout of the ‘Data Safety’ feature for Android apps on the Play Store. While announced in April, the feature appears to have completely replaced the ‘App Permissions’ list. The permissions list provided users with information on what app developers can do with their devices. The information was particularly useful for […]
Learn More A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. Over 400 million individuals and companies are using PayPal as an online payment solution. The kit is hosted on legitimate WordPress websites that have been hacked, which allows […]
Learn More Today is Microsoft’s July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws. Four of the 84 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote code execution. The number of bugs in each vulnerability category is listed below: 52 […]
Learn More Microsoft is investigating an issue causing Outlook search not to display recent emails in desktop apps running on Windows 11 systems. The problem affects POP, IMAP, and offline Exchange accounts because Outlook’s search feature uses the local Windows Search service to index emails. Microsoft 365 and connected Exchange accounts are not impacted because they use Service […]
Learn More
The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S. “North Korean state-sponsored […]
Learn More
Apple announced that a new security feature known as Lockdown Mode will roll out with iOS 16, iPadOS 16, and macOS Ventura to protect high-risk individuals like human rights defenders, journalists, and dissidents against targeted spyware attacks. Once enabled, the Lockdown Mode will provide Apple customers with messaging, web browsing, and connectivity protections designed to […]
Learn More Microsoft has released the optional KB5014666 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and new, unexpected printing features. The KB5014666 cumulative update preview is part of Microsoft’s June 2022 monthly “C” update, allowing admins to test fixes in the July 2022 Patch Tuesday. […]
Learn More
A new phishing attack is using Facebook Messenger chatbots to impersonate the company’s support team and steal credentials used to manage Facebook pages. Chatbots are programs that impersonate live support people and are commonly used to provide answers to simple questions or triage customer support cases before they are handed off to a live employee. […]
Learn More
Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. PyPI is a repository of open-source packages that software developers use to pick the building blocks of their Python-based projects or share their work with the community. While […]
Learn More Google’s Threat Analysis Group (TAG) revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers (ISPs) to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools. RCS Labs is just one of more than 30 spyware vendors whose activity is currently tracked by Google, […]
Learn More
Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. Adobe’s product is checking if components from 30 security products are loaded into its processes and likely blocks them, essentially denying them from monitoring for malicious activity. […]
Learn More This month’s Windows Server updates are causing a wide range of issues, including VPN and RDP connectivity problems on servers with Routing and Remote Access Service (RRAS) enabled. RRAS is a Windows service that offers additional TCP connectivity and routing features, including remote access or site-to-site connectivity with the help of virtual private network (VPN) […]
Learn More WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated en masse this week to a new build that addresses a critical security vulnerability likely exploited in the wild. The vulnerability is a code injection vulnerability affecting multiple Ninja Forms releases, starting with version 3.0 and up. […]
Learn More Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company’s new security solution for personal phones and computers. This new cross-device security solution is available for all Microsoft 365 customers with Personal ($6.99/month) or Family ($9.99/month) subscriptions starting today. First unveiled for Windows 11 Insiders in March, Defender for Individuals provides malware and […]
Learn More
Anker’s central smart home device hub, Eufy Homebase 2, was vulnerable to three vulnerabilities, one of which is a critical remote code execution (RCE) flaw. Homebase 2 is the video storage and networking gateway for all Anker’s Eufy smart home devices, including video doorbells, indoor security cameras, smart locks, alarm systems, and more. Homebase operates […]
Learn More Microsoft’s June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT ‘Follina’ zero-day vulnerability and new Intel MMIO flaws. Of the 55 vulnerabilities fixed in today’s update, three are classified as ‘Critical’ as they allow remote code execution, with the rest classified as Important. This does not include 5 Microsoft […]
Learn More
Mozilla says that all Firefox users will now be protected by default against cross-site tracking while browsing the Internet. This is because, starting today, Mozilla is rolling out and enabling its Total Cookie Protection set of privacy improvements for all Firefox users worldwide. Total Cookie Protection forces all websites to keep their cookies in separate […]
Learn More
Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby’s WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. WiFi probing is a standard process, part of the bilateral communication required between a smartphone and an access point […]
Learn More The UK wants to investigate Apple and Google’s market power in mobile browsers and Apple’s restrictions on cloud gaming through its App Store. “When it comes to how people use mobile phones, Apple and Google hold all the cards. As good as many of their services and products are, their strong grip on mobile ecosystems […]
Learn More The Emotet botnet is now attempting to infect potential victims with a credit card stealer module designed to harvest credit card information stored in Google Chrome user profiles. After stealing the credit card info (i.e., name, expiration month and year, card numbers), the malware will send it to command-and-control (C2) servers different than the ones […]
Learn More Google has released the June 2022 security updates for Android devices running OS versions 10, 11, and 12, fixing 41 vulnerabilities, five rated critical. The security update is separated into two levels, released on June 1 and June 5. The first one contains patches for Android system and framework components and the second one includes […]
Learn More Apple said this week that it blocked more than 343,000 iOS apps were blocked by the App Store App Review team for privacy violations last year, while another 157,000 were rejected for attempting to mislead or spamming iOS users. The company added that it also blocked over 34,500 applications from getting indexed on the App […]
Learn More The malware spreads through push notifications, alerts, and malvertising on free video streaming, adult sites, and game-hack pages. TrojanSMS, which the company calls SMSFactory, siphons money from victims worldwide, including the US, France, and Spain, by sending premium SMS and making calls to premium-rate phone numbers. “These numbers appear to be part of a conversion […]
Learn More
Europol has announced the takedown of the FluBot operation, one of the largest and fastest-growing Android malware operations in existence. The malware operation’s takedown resulted from a law enforcement operation involving eleven countries following a complex technical investigation to pinpoint FluBot’s most critical infrastructure. The participants in the operation were Australia, Belgium, Finland, Hungary, Ireland, […]
Learn More There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact list. The method relies on the mobile carriers’ automated service to forward calls to a different phone number, and WhatsApp’s option to send a one-time password (OTP) verification code via voice call. The MMI code […]
Learn More
Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. The bug is a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability. The flaw impacts all Windows versions still receiving security updates (Windows 7+ and Server 2008+). As […]
Learn More Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. The vulnerable apps have millions of downloads on Google’s Play Store and come pre-installed as system applications on devices bought from affected telecommunications operators, including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile. “The apps were […]
Learn More Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2022 hacking contest. If exploited, the two critical flaws can let attackers gain JavaScript code execution on mobile and desktop devices running vulnerable versions of Firefox, Firefox ESR, Firefox for Android, and Thunderbird. The zero-days have been fixed […]
Learn More Security researchers have revealed that hackers can hijack your online accounts before you even register them by exploiting flaws that have been already been fixed on popular websites, including Instagram, LinkedIn, Zoom, WordPress, and Dropbox. Andrew Paverd, a researcher at Microsoft Security Response Center, and Avinash Sudhodanan, an independent security researcher, analyzed 75 popular online […]
Learn More Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. The choice of PDFs is unusual, as most malicious emails today arrive with DOCX or XLS attachments laced with malware-loading macro code. However, as people become more educated about opening malicious Microsoft Office […]
Learn More Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers. The company has been working on a fix for this known issue causing authentication failures for some Windows services since May 12. “After installing updates released May 10, 2022 on your domain controllers, you […]
Learn More Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. This approach automates the process for attackers and gives a sense of legitimacy to visitors of the malicious sites, as chatbots are commonly found on websites for legitimate brands. It starts with an email The […]
Learn More Microsoft has reminded customers today that Windows Server, version 20H2, will be reaching the end of service (EOS) on August 9, 2022. In a support document published today, Microsoft says that Windows Server 20H2 will reach the mainstream support end date for Datacenter Core and Standard Core users. Released on October 20, 2020, this Semi-Annual Channel release […]
Learn More
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices. Zero-days are security flaws that the software vendor is unaware of and hasn’t yet patched. In some cases, this type of vulnerability may also have publicly available proof-of-concept exploits before a patch […]
Learn More Windows admins have been expressing their dismay at Microsoft’s decision to move the Quick Assist remote assistance tool to the Microsoft Store. Quick Assist allows Windows 10 and Windows 11 users to receive or give assistance to other Windows users by taking control of their computer remotely. The app makes it much easier to assist […]
Learn More HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which allow code to run with Kernel privileges. Kernel-level privileges are the highest rights in Windows, allowing threat actors to execute any command at the Kernel level, including manipulating drivers and accessing the BIOS. The list […]
Learn More Microsoft is testing a new ‘Suggested Actions’ feature in Windows 11 Dev builds where the operating system suggests actions you can take with data you copy into the clipboard. Today, Microsoft again began offering different builds in the ‘Dev’ and ‘Beta’ channels, with the beta channel receiving Windows 11 build 22621 and the Dev channel […]
Learn More The Safety Detectives cybersecurity team discovered 150 GB of exposed data in the bucket with over 50,000 user avatars. Two separate databases contained different types of information, including user avatars (profile pictures on the website) and post images. “While this is publicly available information, user avatars could be used in conjunction with EXIF data to […]
Learn More
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. This malware is linked to a cluster of malicious activity dubbed Raspberry Robin and was first observed in September 2021. Red Canary’s Detection Engineering team detected the worm in multiple customers’ networks, some in the technology and manufacturing […]
Learn More Microsoft says that its enterprise-grade endpoint security for small to medium-sized businesses is now generally available as a standalone solution. Known as Microsoft Defender for Business, this product is designed for SMBs with up to 300 employees who need protection against malware, phishing, and ransomware attacks on Windows, macOS, iOS, and Android devices. “Microsoft believes in security for all. We are […]
Learn More
Phishing emails increasingly target verified Twitter accounts with emails designed to steal their account credentials, as shown by numerous ongoing campaigns conducted by threat actors. Verified accounts on Twitter are designated by a blue check next to their name, which indicates account holders are notable influencers, celebrities, politicians, journalists, activists, and government and private organizations. […]
Learn More Synology has warned customers that some of its network-attached storage (NAS) appliances are exposed to attacks exploiting multiple critical Netatalk vulnerabilities. “Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM) and Synology Router Manager (SRM),” Synology said. Netatalk is an AFP […]
Learn More A new ransomware gang known as Black Basta has quickly catapulted into operation this month, breaching at least twelve companies in just a few weeks. The first known Black Basta attacks occurred in the second week of April, as the operation quickly began attacking companies worldwide. While ransom demands likely vary between victims, One victim who […]
Learn More Microsoft has released the optional KB5011831 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 that fixes 26 bugs. This update includes many bug fixes, including those for Microsoft OneDrive, Remote Desktop, News and Interest, Azure Active Directory, and delays in booting Windows 10. The KB5011831 cumulative update preview is […]
Learn More Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). ALAC is an audio coding format for lossless audio compression that Apple open-sourced in 2011. Since then, the company has been releasing updates […]
Learn More
An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author. The four leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor, […]
Learn More Apple users are being warned by cryptocurrency wallet MetaMask over some security vulnerabilities involving iCloud backups. The warning is said to be against potential phishing attacks for all iPhone, iPad, and Mac users. It involves certain default device settings which store MetaMask users’ seed phrase onto iCloud, whenever anyone enables automatic backups for app data. […]
Learn More
Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. A total of three security issues were discovered, two of them allowing an attacker to disable the protection for the SPI flash memory chip where the UEFI firmware is stored […]
Learn More Microsoft has reminded customers earlier this week that Microsoft Office 2013 is approaching its end of support next year, advising them to switch to a newer version to reduce their exposure to security risks. “After five years of Mainstream Support, and five years of Extended Support, Office 2013 will reach the End of Extended Support […]
Learn More Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability actively used by threat actors in attacks. While Google states that this Chrome update will roll out in the next few weeks, users can receive it immediately by going into the Chrome menu > Help > About Google Chrome. […]
Learn More Threat actors have spoofed WhatsApp voicemail service to target close to 28 thousand mailboxes and steal user credentials. The Armorblox research team observed a phishing attack that spoofed voice message notifications from WhatsApp on multiple customer tenants across Office 365 and Google Workspace. Malicious emails were titled “New Incoming Voice Message,” suggesting that the victim […]
Learn More
An update to Raspberry Pi OS Bullseye has removed the default ‘pi’ user to make it harder for attackers to find and compromise Internet-exposed Raspberry Pi devices using default credentials. Starting with this latest release, when installing the OS, you will first be prompted to create an account by choosing a username and password (before […]
Learn More Microsoft’s April 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 119 flaws. Microsoft has fixed 119 vulnerabilities (not including 26 Microsoft Edge vulnerabilities) with today’s update, with ten classified as Critical as they allow remote code execution. The number of bugs in each vulnerability category is listed below: […]
Learn More Microsoft has reminded customers that multiple editions of Windows 10 20H2 and Windows 10 1909 are reaching the end of service (EOS) on May 10, 2022. Windows 10 20H2 (also known as the October 2020 Update) will reach EOS for Windows 10 Home, Pro, Pro Education, and Pro for Workstations users. It’s also worth mentioning […]
Learn More When Windows was first released, the most controversial changes were the new centered Start Menu and the reduced functionality of the Windows taskbar. In the past, the Start Menu was left-aligned on the taskbar, and it was possible to move the taskbar, so it was pinned to the top, sides, and bottom of the screen. […]
Learn More
Static Web Apps are the latest weapon in the scammer arsenal Cybercriminals have started using Static Web Apps, an Azure service, in their phishing attacks against Microsoft365 users. Researchers from MalwareHunterTeam noted Static Web Apps have two features that are being abused with ease – custom branding for web apps, and web hosting for static […]
Learn More
Forget Mos Eisley; Amazon is now a hive of scum and villainy Last weekend I attempted to buy a microSD card for my Steam Deck from Amazon. Okay, that’s not the most interesting start to a story you’ve probably read, but what should have been a quick and easy search and purchase instead turned into a rather demoralizing experience […]
Learn More Apple has released security updates to address two zero-day vulnerabilities exploited by attackers to hack iPhones, iPads, and Macs....
Learn More
Remote IT Management is the ability for Technology to be monitored and managed, making your workplace more efficient...
Learn More
Digitization has left loopholes for cybercriminals to attack all of us. Cyber attackers are working...
Learn More
Set up near natural light. Provide music to stay focused. Use headphones to block out noise and find the noise level that is right for you.
Learn More