technology

Catch-IT: Apple has issued security patches to address zero-day vulnerabilities

Apple has issued security patches to address zero-day vulnerabilities (CVE-2023-38606, CVE-2023-32409, and CVE-2023-37450) that have been exploited in attacks against iPhones, Macs, and iPads that seriously affect the digital security of Apple devices.  Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the [...]

By |2023-07-26T12:53:20-05:00July 26th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Apple Pushes out Emergency Fix for Actively Exploited Zero-Day

Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest versions of its operating systems. The vulnerability has been discovered in Apple products, which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code [...]

By |2023-07-17T13:19:01-05:00July 17th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Microsoft Products

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new [...]

By |2023-07-13T13:13:33-05:00July 13th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Google Android OS

Multiple vulnerabilities have been discovered in Google Android OS (CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most [...]

By |2023-07-06T10:15:48-05:00July 6th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: What to Look for in the Latest Phishing Scam

The latest phishing attack is targeting law firms and small businesses.   Claiming to be a construction company, supplier, or other specialty contractor seeking legal services, these bad actors are looking to gain access to the vast amounts of sensitive information these companies manage.  If successful, the attacker may attempt [...]

By |2023-06-26T13:50:19-05:00June 26th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Apple Releases Security Updates for Several Products

Multiple vulnerabilities have recently been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with [...]

By |2023-06-22T10:29:45-05:00June 22nd, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Beware of AI Applications, Not All Are Created Equal

Artificial Intelligence (AI) is the latest rage right now.  As a result, many companies are hopping on the bandwagon with their version of chatbots, joining the likes of OpenAI, Google, Microsoft, etc.  Among these ranks are many counterfeit chatbots with crooks creating fake apps to swindle you.  Here is [...]

By |2023-06-13T11:20:39-05:00June 12th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Cybersecurity Measures to Protect Against New Critical Threats

The Cybersecurity and Infrastructure Security Agency (CISA) recently released a bulletin warning organizations of recent cyber threats and how to best combat and protect against these intrusions.  These recent attacks include website defacement and destructive malware, resulting in damage to critical infrastructure. What Should You Do? Here are steps [...]

Beware of BadUSB, the latest cyberattack comes via USPS

The FBI recently put out a warning that cybercriminal group FIN7, has started mailing USB drives filled with "BadUSB" malware to various companies.  There are two variations of packages: Those imitating HHS [US Department of Health and Human Services ], often accompanied by letters referencing COVID-19 guidelines and enclosed [...]

Update – Log4j Vulnerability

A joint Cybersecurity Advisory was recently released by Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber [...]

Log4j Vulnerability

By now, you have probably heard about the recent Log4j vulnerability. First, what is Log4j?   Log4j is a framework software developers use to record user activity and the behavior of applications for subsequent review. Distributed free by the nonprofit Apache Software Foundation, Log4j has been downloaded millions of times [...]

Go to Top