Catch-IT

Catch-IT: Resources to Better Protect Against Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) recently released a Ransomware Advisory site to publish updates for network defenders that detail various ransomware variants and ransomware threat actors.  You can visit  stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources. The [...]

By |2023-03-08T09:29:57-05:00March 7th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Time to Update – Apple’s iOS, iPadOS, macOS, and Safari Under Attack with Zero-Day Flaw

Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2023-23529 [1, 2] and is a WebKit confusion issue that could be exploited to trigger OS crashes and gain code execution on [...]

By |2023-02-14T13:04:37-05:00February 14th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: NJ Law Firms Be Alert of Latest Phishing Campaign

NJCCIC recently identified an aggressive phishing campaign targeting several New Jersey State agencies that regularly communicate with law firms. The phishing email’s subject line claims to reference various types of legal documents, such as settlements, reviews, or payment claims. The body contains an HTML link that appears to be [...]

By |2023-02-02T15:25:57-05:00February 2nd, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Russian-Backed Hackers Actively Targeting US Health Care Sector

The Department of Health and Human Services (HHS) warned on Monday that pro-Russian hacktivist group Killnet is actively targeting the U.S. healthcare industry with distributed denial of service (DDoS) attacks.  A pro-Russian hacktivist group active since at least January 2022, Killnet known for its DDoS campaigns against countries supporting Ukraine, [...]

By |2023-02-01T14:36:39-05:00February 1st, 2023|Categories: Catch IT, News|Tags: , , , , , , , |

Catch-IT: Microsoft’s First Patch Tuesday of 2023 Delivers 98 Fixes

Microsoft Kicks Off 2023 With 98 Fixes Microsoft released a whopping 98 security fixes for yesterday's Patch Tuesday, almost double the number it turned out leading into the holiday season.  Out of the 98, eleven were classified as "Critical", with one identified as being actively exploited. The actively exploited [...]

Catch-IT: Two Vulnerabilities Identified in Microsoft Products

Critical Patches Recently Released for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, [...]

Catch-IT: Time to Update! Chrome Issues Urgent Zero-Day Fix

Chrome users urged to update as Google patches seventh zero-day exploit this year Late last week, Google rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser.  The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Successful [...]

Catch-IT: Latest Phishing Scam Involves Direct Deposit

Warning for Employees and Businesses that use Direct Deposit The latest phishing scam involves direct deposit, with emails being specially crafted to the targeted organization.  Scammers impersonate an employee, often by establishing an email address using the employee’s name and utilizing display name spoofing in the messages. The malicious [...]

Passwordless is Possible!

Tech giants Apple, Google, and Microsoft announced last month that they have committed to building support for passwordless sign-in across all of the mobile, desktop, and browser platforms that they control in the coming year. Effectively, this means that passwordless authentication will come to all major device platforms in the not too [...]

Latest Phishing Campaign Targets US Government, Exploits Windows Zero-Day Vulnerability

The latest vulnerability comes in the form of a phishing email, pretending to be an offer of a raise in compensation, including an attached Word Document (RTF file). Once activated, the malware then checks if the system is a virtual machine, stealing information from multiple web browsers, mail clients, and file [...]

Is Your PC Ready For The Holiday Weekend?

Summer kick-off is a couple days away!  Before you sign off for the long weekend, implement these simple steps to ensure your computer is updated, secure and refreshed upon return. What You Should Do Before you shut down for the holiday weekend, it's important to have your workstation in [...]

Kaspersky antivirus software added to US national security risk list

Antivirus software maker Kaspersky Labs has been added to a federal list of companies that pose “an unacceptable risk to the national security of the United States.”   The announcement from the US regulator comes only weeks after Germany's Federal Office for Information Security advised all citizens to avoid downloading [...]

Go to Top