On May 30, 2022, Microsoft issued an alert regarding a vulnerability in its Microsoft Support Diagnostic Tool that can be exploited using Microsoft Office documents and results in the unauthorized installation of programs or access to data.The vulnerability evades common protections associated with Microsoft Office documents, requires minimal user interaction, and can be used by a remote attacker to execute arbitrary code, escalate privileges to fully take over a machine, or deploy additional malware.
Read more »Tag: malware
-
The “Follina” Vulnerability: Microsoft Support Diagnostic Tool Alert for Zero Day Exploit CVE-2022-30190 Posted on: June 27, 2022 In: Data Privacy & Cybersecurity
-
FinCEN Alert: Malware/Ransomware Updates & New Perimeter Device Vulnerability Posted on: March 08, 2022 In: Data Privacy & Cybersecurity
There have recently been a number of developments in cybersecurity due to the Russia/Ukraine conflict. The Financial Crimes Enforcement Network (FinCEN) released an alert on March 7 advising all financial institutions to be vigilant against efforts to evade sanctions imposed in connection with the Russian invasion of Ukraine. The primary focus of the alert appears to be eliciting cooperation of financial institutions in identifying hidden Russian and Belarusian assets.
Read more »
-
Keeping the Creeps Off Your Computer: Tips to Avoid Scareware & Scare Scams Posted on: October 29, 2019 In: Data Privacy & Cybersecurity
Halloween is a great time to masquerade as your favorite supernatural or otherworldly character, generating harmless screams and candy. Not so harmless is the fear that scammers create by pretending to know something about you or your cyber system in order to scare you into sending them money.
Read more »
-
Social Engineering Targets: Email Compromises - A Quick Prevention Guide Posted on: October 15, 2018 In: Data Privacy & Cybersecurity
More than ever before, malicious actors are targeting email platforms in an attempt to access and monetize sensitive personal information. They often gain access to email accounts through the use of social engineering – inducing unsuspecting account owners to open email attachments that contain malicious computer code (malware).
Read more »
-
Ransomware and Encryption Attacks Posted on: August 15, 2017 In: Data Privacy & Cybersecurity
As organizations move towards the efficiencies of a “paperless office,” the very same internet-facing technologies that help create a more efficient and productive workplace can also greatly increase the risk of suffering a significant ransomware or encryption attack.
Read more »
-
Law Firm Data Security: Guardians of the Information Galaxy Posted on: May 02, 2017 In: Data Privacy & Cybersecurity
Let's start with what we know: attorneys must protect the information entrusted to them, and yet it may be impossible to prevent
Read more »