Blog - Hexafusion Blog | Hexafusion

Hexafusion Blog

Hexafusion management team has been serving businesses in Canada and the United States since 2014, providing IT Services such as IT support, IT security, computer support and consulting to small and medium-sized businesses.

Apple patches “FORCEDENTRY” zero-day exploited by Pegasus spyware

Apple-security-updates-patches

Apple has released several security updates this week to patch a "FORCEDENTRY" vulnerability on iOS devices. The "zero-click, zero-day" vulnerability has been actively exploited by Pegasus, a spyware app developed by the Israeli company NSO Group, which has been known to target activists, journalists, and prominent people around the world.

Tracked as CVE-2021-30860, the vulnerability needs little to no interaction by an iPhone user to be exploited—hence the name "FORCEDENTRY."

0 Comments
Continue reading

Microsoft Patch Tuesday – September 2021

microsoft-patch-tuesday-september

The September 2021 edition of Patch Tuesday brings us 64 fixes, 3 of which are rated as critical with one actively exploited. We've listed the most important changes below.

Tags:
0 Comments
Continue reading

Microsoft Patch Tuesday – July 2021

microsoft-patch-tuesday

9 Zero-days Fixed - 3 Actively Exploited

Patch Tuesday is once again upon us. The Patch Tuesday, July 2021 brings us 117 fixes, 15 of which are rated as critical including a highly critical Microsoft Sharepoint Server RCE vulnerability. We've listed the most important changes below and listed all of the fixes included.

0 Comments
Continue reading

Kaseya VSA zero-day Attack Became The Biggest Global Ransomware Attack

Kaseya-ransomware

Today's Kaseya VSA ransomware attack is the largest in history. More details have been revealed about the Russia-linked gang's attack on the company that was the conduit.

0 Comments
Continue reading

Another Supply Chain Attack Infecting Kaseya VSA On-premises‎ users with REvil ransomware

Kaseya-VSA-cyber-attack

Kaseya VSA Users Under Ransomware Attack. Kaseya is urging MSPs to shut down on-premises VSA servers immediately.

0 Comments
Continue reading

PoC Exploit Circulating for Critical Windows Print Spooler Bug

PrintNightMare

The “PrintNightmare” bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code-execution attacks.

UPDATE

A proof-of-concept for a critical Windows security vulnerability that allows remote code execution (RCE) was dropped on GitHub on Tuesday – and while it was taken back down within a few hours, the code was copied and is still out there circulating on the platform.

0 Comments
Continue reading

30 Million Dell Devices at Risk for Remote BIOS Attacks

Dell-bios

A high-severity series of four vulnerabilities can allow remote adversaries to gain arbitrary code execution in the pre-boot environment on Dell devices, researchers said. They affect an estimated 30 million individual Dell endpoints worldwide.

Tags:
0 Comments
Continue reading

EA Data Breach, 780GB Source Code of FIFA 2021 Advertised for Sale

FIFA-2021

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token, Motherboard has learned.

0 Comments
Continue reading

Recent TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites

TLS-hack

Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim's web browser to a different TLS service endpoint located on another IP address to steal sensitive information.

0 Comments
Continue reading

Update Your Chrome Browser ASAP!

googlechrome

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today.

0 Comments
Continue reading

JBS Paid Hackers $11 Million Ransom After Cyberattack

beef-supplier-jbs-ransomware-hack

Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month.

0 Comments
Continue reading

5 Things To Do When Your Business Is Hacked

Hacked-business

As businesses move to a remote workforce, hackers have increased their activity to capitalize on new security holes. Cybercriminals often use unsophisticated methods that continue to be extremely successful.

These include phishing emails to harvest credentials and gain easy access to business-critical environments.

0 Comments
Continue reading

Prometheus Ransomware Targets Dozens of Businesses Worldwide

prometheus-ransomware

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate.

Tags:
0 Comments
Continue reading

Microsoft Patch Tuesday – June 2021

microsoft-patch-tuesday

It's the second tuesday of the month: time for the Microsoft Patch Tuesday, June 2021 edition. This month, it contains 52 fixes for several security flaws for Windows and other products. We have discussed the most critical ones and made a list of all the other vulnerabilities.

0 Comments
Continue reading

Hackers‌ ‌Actively‌ ‌Exploiting‌ ‌0-Day‌ ‌in WordPress Plugin Installed on Over ‌17,000‌ ‌Sites

fancy-product-designer

Fancy Product Designer, a WordPress plugin installed on over 17,000 sites, has been discovered to contain a critical file upload vulnerability that's being actively exploited in the wild to upload malware onto sites that have the plugin installed.

Wordfence's threat intelligence team, which discovered the flaw, said it reported the issue to the plugin's developer on May 31. While the flaw has been acknowledged, it's yet to be addressed.

0 Comments
Continue reading

Cyberattack Forces Meat Producer to Shut Down Operations in U.S., Australia

meat-industry-cyberattack-hackers

Global food distributor JBS Foods suffered an unspecified incident over the weekend that disrupted several servers supporting IT systems and could affect the supply chain for some time.

The world’s largest meat distributor shut down some operations in both the United States and Australia over the Memorial Day weekend after a cyberattack on its IT systems that could have a significant effect on the food supply chain if not resolved quickly.

0 Comments
Continue reading

Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors

amazon-sidewalk

Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors — unless you choose to opt-out.

0 Comments
Continue reading

17 Top Tech Buzzwords You Need To Know

Technology-Buzzwords

These days, it seems whenever technology is mentioned in the media, there is a new buzzword to boot.

Navigating them can become a nightmare, and you’d be forgiven for not being able to tell your VR from your AI and your IoT.

We have decided to gather the super-futuristic tech lingo in one place and lay it out in layman’s terms.

0 Comments
Continue reading

Japanese government agencies suffer data breaches after Fujitsu hack

fujitsu-hack

Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities.

Threat actors have stolen files from several official government agencies of Japan by hacking into Fujitsu’s software-as-a-service (SaaS) platform and gaining access to its systems.

0 Comments
Continue reading

Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact

constant-contact-russian-hackers

Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations.

The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities.

0 Comments
Continue reading

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/