TechNews

Cybersecurity

by www.zdnet.com Leave a Comment

BillQuick says patch coming after Huntress report identifies vulnerabilities used in ransomware attack

BillQuick has said a short-term patch will be released addressing some of the vulnerabilities identified this weekend by cybersecurity firm Huntress. In a blog post on Friday, Huntress security researcher Caleb Stewart said the company's ThreatOps team "discovered a critical vulnerability in multiple versions of BillQuick Web Suite, a time and billing system from BQE Software." "Hackers were able to successfully exploit CVE-2021-42258 -- using it to gain initial access to a US engineering company -- and deploy ransomware across the victim's network. Considering BQE's self-proclaimed user base of 400,000 users worldwide, a malicious campaign targeting their customer base is concerning," Stewart said. "This incident highlights a repeating pattern plaguing SMB software: well-established vendors are doing very little to proactively secure their applications and subject their unwitting customers to significant liability when sensitive data is inevitably leaked and/or ransomed." … [Read more...] about BillQuick says patch coming after Huntress report identifies vulnerabilities used in ransomware attack

by www.gadgetsnow.com Leave a Comment

phishing: Tech support scams are top phishing threat: Report

Tech support scams , which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers, according to a new report . Tech support scams are expected to proliferate in the upcoming holiday season, as well as shopping and charity-related phishing attacks, it said. Norton LifeLock's global research team, Norton Labs, on Tuesday published its third quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity insights and takeaways from July to September 2021. Norton said in a statement it blocked more than 12.3 million tech support URLs, which topped the list of phishing threats for 13 consecutive weeks between July and September. "The effectiveness of this type of scam has escalated during the pandemic due to consumers' increased reliance on their devices to manage hybrid work schedules and family activities", it said. Norton said it successfully … [Read more...] about phishing: Tech support scams are top phishing threat: Report