Are you using a password manager to securely store all of your passwords? The use of password managers has become very common. It allows people to keep track of a variety of passwords, which are...
The recent discovery of the Blast-RADIUS vulnerability (CVE-2024-3596) poses a significant risk to networks worldwide. This flaw in the RADIUS authentication protocol can be exploited by attackers to gain unauthorized access, launch denial-of-service attacks, and...
SUMMARY This notice covers CVE-2024-6387 OpenSSH vulnerability (nicknamed “regreSSHion”) and its impact related to GreenRADIUS. GreenRADIUS is accessed using SSH from an internal (on prem) origin and therefore normally protected by an external firewall. This...
This article from PCMag calls out dangers which apply to your passwords. Firstly the danger of reusing passwords over multiple sites, but even more importantly, the lack of security a password has by itself. Even...
Summary CVE-2021-44228 and CVE-2021-45046 (Log4Shell or LogJam) are both zero-day vulnerabilities in the widely used Apache Log4j Java-based logging library. Since it is widely used in many popular products, customers have contacted Green Rocket Security...
LokiBot Trojan Malware (a.k.a LukiBot, Lokibot, Loki PWS, and Loki-bot) is active again stealing sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials. It was first discovered in 2015 and has been used...
A new ransomware has been uncovered by Blackberry that has been “in-the-wild” since at least December 2019. Named “Tycoon”, it targets Windows and Linux systems on compromised networks. And it seems to specifically target the...
As the Novel Coronavirus / COVID-19 impacts life around the world, it has also forced many workers to connect and work remotely. This opens up users and organizations to potential threats with remote access being...
Generally, when we think of securing our organization, we usually focus on securing the perimeter with firewalls, VPNs, limiting access points, and maybe some mail filtering to block malicious attachments. But some attacks that have...
Late last week, the UK Parliament was under a “sustained” cyber attack. Of course, the hackers were exploiting a known weakness common to many organizations — single-factor authentication which relies solely on passwords. The parliamentary...
