CIO Landing - Logo
Schedule Discovery CAll

Enemybot Malware May Go Beyond DDOS Attacks

Unless you’re an IT Security Professional, you may never have heard of EnemyBot.  It is a bit like the Frankenstein of malware threats, a botnet that has borrowed code from multiple different sources. While that’s not terribly original, it does make it dangerous. The hackers behind the code are actively adding new exploits as newly […]

Screencastify Issue Could Allow Someone To Steal Recorded Videos

Are you one of the legions of users making use of the Screencastify Chrome extension?  It’s a fantastic Chrome extension that allows you to almost effortlessly create screencasts for a variety of purposes. Unfortunately, the web extension also suffers from a critical security vulnerability that allows attackers to take control of a user’s webcam and […]

 New Phishing Attacks Use HTML Email Attachments

HTML attachments as an attack vector may seem a little old school. However, according to statistics compiled by Kaspersky Lab indicates that in 2022, that form of attack is not just simply still being employed, but hackers are making surprisingly regular use of it.  The security company detected more than two million emails of this […]

Update VMWare Apps Now For Critical Security Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory that serves as a stark warning. If you’re using VMware products that are impacted by recently disclosed critical security flaws, either patch them immediately or remove them from your network. CISA issued the dire warning because the last time critical security flaws were discovered […]

New Phishing Attack Delivers Three Types Of Malware To Victims

Phishing campaigns get more effective the more closely they can imitate a trusted source.  Recently, security researchers at Fortinet discovered evidence of a phishing campaign that specifically targets Microsoft Windows users and installs three different types of malware on the systems it manages to infect. Among other things, this campaign gives the hackers behind it […]

You Might Need This HP Bios Security Update

HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company.  In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being tracked as CVE-2021-3808 and CVE-2021-3809 […]

Update Zyxel Products To Fix Possible Security Vulnerability

Do you use a Zyxel firewall?  If so, there’s good news.  The company has fixed an issue you may not have even been aware that you had. The company pushed out the fix in a silent update a little over two weeks ago, but when they implemented the push, they didn’t provide many details about […]

New Malware Can Infect Linux, Mac, Or Windows Users

There’s a new strain of malware called SysJoker to be mindful of. It’s especially dangerous because it can target Windows, Mac or Linux systems.  That makes it an equal opportunity strain. Researchers at Intezer are credited with discovering the malware in the wild in December of 2021 during an investigation of an attack on a […]

Purple Fox Trojan Delivering Malware Via Popular Messaging App

A research team from Minerva Labs are working in conjunction with the MalwareHunterTeam. They have recently been tracking a Trojan called Purple Fox and have published a warning about it. The group behind the Trojan is now distributing their malicious code disguised as a Telegram installation file. If you’re not familiar with that name Telegram […]

FTC Enforcing That Businesses Patch Log4j Java Security Issue

By now you’re almost certainly aware of the Log4j Java issue. It’s a serious and fixable flaw relating to java logging. Recently the United States Federal Trade Commission (FTC) has issued a chilling warning to anyone who hasn’t yet fixed the flaw and protected against the vulnerability. The FTC’s statement reads in part as follows: […]