Hexafusion Blog

Hexafusion has been serving the British Columbia area since 2017, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Hackers Set Up a Fake Cybersecurity Firm to Target Security Experts

hackers-security-websites

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack.

0 Comments
Continue reading

Data from 500M LinkedIn Users Posted for Sale Online

Linkedin-stolen-data

Like the Facebook incident earlier this week, the information — including user profile IDs, email addresses and other PII — was scraped from the social-media platform.

Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse.

Hackers posted an archive containing data they said includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers and other personally identifiable information (PII) on a popular hacker forum, according to a report in CyberNews on Tuesday.

0 Comments
Continue reading

623M Payment Cards Stolen from Cybercrime Forum

Stolen credit cards

The Swarmshop cyber-underground “card shop” has been hit by hackers, who lifted the site’s database of stolen payment-card data and leaked it online.

That’s according to researchers at Group-IB, who said that the database was posted on a rival underground forum.

0 Comments
Continue reading

533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online

facebook-hacked

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability.

The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country, marital status broken, account creation date, and other profile details broken down by country, with over 32 million records belonging to users in the U.S., 11 million users the U.K., and six million users in India, among others.

0 Comments
Continue reading

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

fortinet1
 

Threat actors are exploiting a Fortinet vulnerability flagged by the feds last week that delivers a new ransomware strain, dubbed Cring, that is targeting industrial enterprises across Europe.

Researchers say the attackers are exploiting an unpatched path-reversal flaw, tracked as CVE-2018-13379, in Fortinet’s FortiOS. The goal is to gain access to victims enterprise networks and ultimately deliver ransomware, according to a report by Kaspersky researchers published this week.

0 Comments
Continue reading

Booking.com fined $560,000 for GDPR data breach violation

booking.com-data-breach

Booking.com, Netherlands-based company failed to act quickly enough, says regulator

Travel services website Booking.com has been fined €475,000 (around $560,000) under GDPR laws after failing to report a data breach within the mandated timeframe.

0 Comments
Continue reading

Hackers Are Targeting Microsoft Exchange Servers With Ransomware

microsoft-exchange-ransomware

It didn't take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week.

0 Comments
Continue reading

Linux Systems Under Attack By New RedXOR Malware

Linux-kernel-vulnerability

Researchers say the new RedXOR backdoor is targeting Linux systems with various data exfiltration and network traffic tunneling capabilities.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group.

0 Comments
Continue reading

Molson Coors brewing operations disrupted by cyberattack

Molson-Coors_Cyber-attack

The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations.

Molson Coors is well-known for its iconic beer brands, including Coors Light, Miller Lite, Molson Canadian, Blue Moon, Peroni, Killian's, and Foster's.

0 Comments
Continue reading

More hacking groups join Microsoft Exchange attack frenzy

Exchange-hack-

More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.

0 Comments
Continue reading

SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers

solarwinds hacker Chinese

A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group.

0 Comments
Continue reading

Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks

microsoft-patch

Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines.

Of these flaws, 14 are listed as Critical, and 75 are listed as Important in severity, out of which two of the bugs are described as publicly known, while five others have been reported as under active attack at the time of release.

0 Comments
Continue reading

Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices

Apple-security-updat_20210310-030137_1

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content.

Tracked as CVE-2021-1844, the vulnerability was discovered and reported to the company by Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research.

According to the update notes posted by Apple, the flaw stems from a memory corruption issue that could lead to arbitrary code execution when processing specially crafted web content. The company said the problem was addressed with "improved validation."

0 Comments
Continue reading

CISA Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities

microsoft-exchange-server-vs-exchange-online-hack-vulnerability

Remediating Microsoft Exchange Vulnerabilities

Everything you need to know about the Microsoft Exchange Server hack

Exchange-hacked

Everything you need to know about the Microsoft Exchange Server hack

Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by a state-sponsored threat group from China and appear to have been adopted by other cyberattackers in widespread attacks.

0 Comments
Continue reading

3 New Severe Security Vulnerabilities Found In SolarWinds Software

solarwinds-vulnerabilities

Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges.

Two of the flaws (CVE-2021-25274 and CVE-2021-25275) were identified in the SolarWinds Orion Platform, while a third separate weakness (CVE-2021-25276) was found in the company's Serv-U FTP server for Windows, said cybersecurity firm Trustwave in technical analysis.

0 Comments
Continue reading

Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges

steven-seagal-bitcoin-scam

Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal.

Hundreds of investors in a fake cryptocurrency scam were bilked out of $11 million by John DeMarr, who advised them to invest in fake cryptocurrency “Bitcoiin,” took their money and spent it on a Porsche, jewelry and upgrades to his home, a criminal complaint from the Department of Justice alleges.

0 Comments
Continue reading

How You Can Use Workflow Automation to Make the Office Better

How You Can Use Workflow Automation to Make the Office Better

While a lot of the focus on any business’ use of technology may be on its front-facing solutions, there’s a lot to be said about the technology solutions that power these businesses behind the scenes. Let’s consider a few ways that businesses are benefiting from automating some of these background processes.

0 Comments
Continue reading

Prioritizing Security with Your Messaging Apps

Prioritizing Security with Your Messaging Apps

If you asked your average person whether they are okay with their personal information being taken and used by businesses, you’d probably come across quite a bit of dissent. Ironically, it seems that people will give it right over via social media programs, but you are beginning to see some pushback when using apps. WhatsApp, the messaging app owned by Facebook, that is known for end-to-end encryption, has told users that they will soon be forced to share their personal data with Facebook.

0 Comments
Continue reading

Helpful Features Found in Google Docs

Helpful Features Found in Google Docs

Within Google Workspace is Google Docs, a useful word processing solution that can be accessed through your web browser. In case you’re new to using Google’s productivity software, we have decided to assemble a short introduction to some of Google Docs’ most useful tools and features.

0 Comments
Continue reading

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/