In 2022, the Federal Communications Commission (FCC) adopted rules to implement the Secure Equipment Act of 2021. Those rules, which in large part took effect on February 6, 2023, prevent manufacturers on the FCC’s Covered List – companies whose products are deemed to pose a risk by national security [...]
Not yet Cinco de Mayo, today we celebrate an equally festive day (in techie minds) - World Password Day!! Celebrated the first Thursday of May, Password Day was created to raise awareness about the importance of password security, the most prominent threats, and best practices for users to follow. [...]
Phishing emails continue to grow in volume and sophistication. Hackers are doing due diligence and making emails more personalized, thus easier to fall for. In addition, the availability of AI tools allows for generation of beautifully written, well-structured emails on just about any subject. Foreign hackers can even write [...]
The surge in using artificial intelligence tools like ChatGPT has already resulted in workers leaking sensitive company data to bots, but a new technology aims to protect company data. In fact, it's already happening. Samsung recently experienced a series of leaks after employees purportedly pasted source code into the new bot, [...]
Google just released an emergency update for Chrome. In a new blog post, Google confirmed the discovery of the Zero Day vulnerability and it impacts Chrome on Windows, Mac and Linux. Google also confirmed it is aware that an exploit exists in the wild. The vulnerability, CVE-2023-2033, stems from a “Type [...]
Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. CVE-2023-28205 is a use after free issue in the WebKit browser engine, which is used by Safari and all web browsers on iOS and iPadOS. The flaw can be triggered via [...]
Adobe just released eight advisories addressing multiple vulnerabilities in Adobe Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion products. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on [...]
The Cybersecurity and Infrastructure Security Agency (CISA) recently released a Ransomware Advisory site to publish updates for network defenders that detail various ransomware variants and ransomware threat actors. You can visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources. The [...]
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2023-23529 [1, 2] and is a WebKit confusion issue that could be exploited to trigger OS crashes and gain code execution on [...]
NJCCIC recently identified an aggressive phishing campaign targeting several New Jersey State agencies that regularly communicate with law firms. The phishing email’s subject line claims to reference various types of legal documents, such as settlements, reviews, or payment claims. The body contains an HTML link that appears to be [...]
The Department of Health and Human Services (HHS) warned on Monday that pro-Russian hacktivist group Killnet is actively targeting the U.S. healthcare industry with distributed denial of service (DDoS) attacks. A pro-Russian hacktivist group active since at least January 2022, Killnet known for its DDoS campaigns against countries supporting Ukraine, [...]
Microsoft Kicks Off 2023 With 98 Fixes Microsoft released a whopping 98 security fixes for yesterday's Patch Tuesday, almost double the number it turned out leading into the holiday season. Out of the 98, eleven were classified as "Critical", with one identified as being actively exploited. The actively exploited [...]
1 South Corporate Drive, Riverdale, NJ 07457
CALL: +1-973-276-0808
FAX: 973-248-6645
EMAIL: [email protected]
NJ Service Areas
All work performed by Business Machine Technologies Inc. shall be subject to the terms of the Master Services Agreement which can be reviewed at www.bmtcorp.com/MSA
In addition to expert IT, we offer expanded cloud and consulting services to bring you to the next level.
