Windows Update alert, a warning to data centre admins and a digital loan platform hacked
Welcome to Cyber Security Today. It’s Monday, January 31st, 2022. I’m Howard Solomon, contributing reporter for ITWorldCanda.com.
Windows administrators – and home users — who put off installing the January 11th Windows Updates better change their minds fast. That’s because multiple exploits were found last week that can take advantage of a serious vulnerability in the operating system. According to the Bleeping Computer news site, threat actors with limited access to a compromised Windows 10 computer can use the vulnerability to easily elevate their privileges to get Windows administrator power. Microsoft fixed this hole in the January Patch Tuesday security releases. But some Windows administrators put off installing those patches after hearing they had some bugs. However, those have been fixed. With the discovery of exploits for the serious vulnerability no delay can be justified now.
Some data centre IT administrators aren’t locking down their software-based management systems, leaving them open on the internet to an external attack. That’s the conclusion of researchers at Cyble. They found many data centres have vulnerable pieces of server, power and building management software open to cyber attacks. Some applications are vulnerable because they are running with default application passwords that are known to hackers. An attacker who can access a data centre’s management system and get administrator rights could infiltrate or damage any server or storage device on the network. Data centre managers need remote access to systems for emergencies when staff can’t get into a building. However, anything that has to be open to the internet must be locked down with strong passwords and multifactor authentication. In the case of data centre admins and their IT staff, that could mean having a secure USB key plugged into their computers for the best authentication protection.
Finally, there’s more evidence that a blockchain isn’t enough to stop a determined crook from stealing digital currency. This comes after the discovery last week that someone stole the equivalent of $80 million from Qubit Finance, a decentralized finance platform where digital currency owners can use their digital currency to lend and borrow funds. The platform works on what are called smart contracts for transactions, with a bridge function to other digital financial networks. According to Qubit Finance, something went wrong in the bridge deposit function allowing the theft.
That’s it for now. Remember links to details in podcast stories can be found in the text version at ITWorldCanada.com Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Original Bunch O Balloons Tropical Party 330+ Rapid-Filling Self-Sealing Water Balloons (Amazon Exclusive 10 Pack) by ZURU Water Balloon for the Whole Family, Kids, Teens and Adults
$24.99 (as of July 1, 2024 21:15 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Woodstock Wind Chimes Zenergy Solo Hand Chime, Silver (7") Musically Tuned for Meditation, Yoga and…
$12.59 (as of July 2, 2024 21:16 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
PS PETITE SIMONE Woven Tote Bag for Women Large Woven Purse Woven Leather Handbags Braided Purse Weave Purse…
$59.99 (as of July 2, 2024 21:16 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Apple AirTag
$24.74 (as of July 1, 2024 21:15 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
