Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new [...]
Multiple vulnerabilities have been discovered in Google Android OS (CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most [...]
The latest phishing attack is targeting law firms and small businesses. Claiming to be a construction company, supplier, or other specialty contractor seeking legal services, these bad actors are looking to gain access to the vast amounts of sensitive information these companies manage. If successful, the attacker may attempt [...]
Multiple vulnerabilities have recently been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with [...]
Artificial Intelligence (AI) is the latest rage right now. As a result, many companies are hopping on the bandwagon with their version of chatbots, joining the likes of OpenAI, Google, Microsoft, etc. Among these ranks are many counterfeit chatbots with crooks creating fake apps to swindle you. Here is [...]
In 2022, the Federal Communications Commission (FCC) adopted rules to implement the Secure Equipment Act of 2021. Those rules, which in large part took effect on February 6, 2023, prevent manufacturers on the FCC’s Covered List – companies whose products are deemed to pose a risk by national security [...]
The surge in using artificial intelligence tools like ChatGPT has already resulted in workers leaking sensitive company data to bots, but a new technology aims to protect company data. In fact, it's already happening. Samsung recently experienced a series of leaks after employees purportedly pasted source code into the new bot, [...]
Google just released an emergency update for Chrome. In a new blog post, Google confirmed the discovery of the Zero Day vulnerability and it impacts Chrome on Windows, Mac and Linux. Google also confirmed it is aware that an exploit exists in the wild. The vulnerability, CVE-2023-2033, stems from a “Type [...]
Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. CVE-2023-28205 is a use after free issue in the WebKit browser engine, which is used by Safari and all web browsers on iOS and iPadOS. The flaw can be triggered via [...]
Adobe just released eight advisories addressing multiple vulnerabilities in Adobe Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion products. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on [...]
The Cybersecurity and Infrastructure Security Agency (CISA) recently released a Ransomware Advisory site to publish updates for network defenders that detail various ransomware variants and ransomware threat actors. You can visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources. The [...]
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2023-23529 [1, 2] and is a WebKit confusion issue that could be exploited to trigger OS crashes and gain code execution on [...]
1 South Corporate Drive, Riverdale, NJ 07457
CALL: +1-973-276-0808
FAX: 973-248-6645
EMAIL: [email protected]
NJ Service Areas
All work performed by Business Machine Technologies Inc. shall be subject to the terms of the Master Services Agreement which can be reviewed at www.bmtcorp.com/MSA
In addition to expert IT, we offer expanded cloud and consulting services to bring you to the next level.
