IT Guides and CyberSecurity News

Security News


  • Malvertising in Google Search Results Delivering Stealers
    Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamanthys. The threat actors create copies of legitimate software websites while employing typosquatting (exploiting incorrectly spelled popular brands and company names as URLs) or combosquatting (using popular brands and company names […]
  • Chinese Espionage Attack on South East Asian Gov
    At the beginning of 2021, Check Point Research identified an ongoing surveillance operation they named Sharp Panda that was targeting Southeast Asian government entities. The attackers used spear-phishing emails to gain initial access to the targeted networks. These emails typically contained a Word document with government-themed lures that leveraged a remote template to download and […]
  • OneNote Abused by Cybercriminals
    Threat actors are taking advantage of Microsoft OneNote’s ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or […]
  • Emotet Malicious Mail is Back
    After several months of inactivity, the Emotet botnet resumed email activity this morning at 8:00am EST. The malicious emails seem to be replying to already existing email chains, with the addition of an attached .zip file. The .zip files are not password protected. The themes of the attached files include finances and invoices. The .zip […]
  • WithSecure has developed Ransomware undo tech
    Ransomware attacks have plagued organizations for the past several years, inflicting considerable financial losses. To help organizations manage ransomware and other threats, WithSecure™ (formerly known as F-Secure Business) has developed a new technology that can essentially undo the damage malware can cause. The technology, called Activity Monitor, was developed to make the capabilities of a sandbox […]
  • Imposter HTTP Libraries Lurk on PyPI
    ReversingLabs researchers discovered more than three dozen malicious packages on the PyPI repository that mimic popular HTTP libraries.  The descriptions for these packages, for the most part, don’t hint at their malicious intent. Some are disguised as real libraries and make flattering comparisons between their capabilities and those of known, legitimate HTTP libraries. The packages […]
  • S1deload Stealer – Social Network Account Hijacker
    An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems’ resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components. […]
  • GlobeImposter Malware’s latest campaign
    Since 2017, campaigns delivering GlobeImposter have continued to proliferate even though the ransomware has only evolved slightly. GlobeImposter is most often delivered via phishing email as an attachment or a link to a malicious attachment. The payloads are typically distributed via 7zip or traditional zip file archives. The archives often include a JavaScript (.js) file […]
  • Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
    The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Department of Health and Human Services (HHS), the Republic of Korea (ROK) National Intelligence Service (NIS), and the ROK Defense Security Agency (DSA) are issuing this joint Cybersecurity Advisory (CSA) to […]

IT Guides


  • Tips And Best Practices For Small Business Email Management

    One of my friends, Janet, is a classic example of why you need email management in your business. She constantly receives hundreds of emails at work. One day, she had an important client presentation in the afternoon. But the client sent her an email the previous night rescheduling the meeting to the early morning instead. By the time she got to work, she should’ve already started with her presentation.

    Unfortunately, her inbox was already full of office news messages and newsletters. So by the time she sorted through them and found the client’s email, it was already too late. Her company ended up losing a valuable client contract. She wouldn’t have been stuck in this situation if she had applied email management best practices.

    Janet’s situation might sound all too familiar. Perhaps you’ve had a similar blunder or watched a similar situation unfold with one of your employees. Either way, it’s damaging to your business. To help you avert this crisis in the future, I’ll take you through what email management is and how it can help your business. Lots of things to go over, so let’s get started, shall we?

    https://techgenix.com/email-management-tips/


  • Manually Creating Swap Partition

    Continuing from this article: https://anyware.com.sg/re-sizing-linux-storage/

    What happened to Swap….

    Creating a swap partition alone is not enough for the system to use it; it has to be initialized and activated.

    To initialize:

    # mkswap /dev/sda5

    To activate:

    # swapon /dev/sda5

    When I recreated the partition I didn’t know about the above, or about this…

    The new swap partition’s UUID had to be updated in /etc/fstab.

    To get the UUID, run this command:

    # blkid | grep swap | awk '{print $2}'

    Echo the UUID into the /etc/fstab file, in the same form as the previous swap entry.

    Mount the swap with this command:

    # mount -a

    Well that fixed the missing swap issue….

    The final issue to address: the “Gave up waiting for suspend/resume device” message at boot time.

    Don’t take me as a genius here… the fixes for the issues are all obtained by googling…credit goes to the original solution posters.

    The solution given was to remove

    /etc/initramfs-tools/conf.d/resume

    and then run

    update-initramfs -u

    Well… did the above but the system went into a hung state with heavy CPU usage after reboot.

    As I always do in such cases, I force-restarted the system into safe mode and then rebooted into the normal state… Voilà… no issues or errors.
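The UUID lookup and /etc/fstab update described in this post, as an added example that is not the author's own code. It generalizes slightly: the UUID field is located by name rather than as the second field, and a missing swap entry is appended. The function names, device names, UUIDs and file contents are constructed, and the script only touches files in a temporary directory.

```shell
#!/bin/sh
# Added example: sample blkid output, UUIDs and fstab lines are constructed.

# Print the UUID of the first swap partition in blkid-style input on stdin.
# The UUID= field is found by name, not position, so a LABEL= in front of it
# (which would break `awk '{print $2}'`) does not matter.
swap_uuid_from_blkid() {
    awk '/ TYPE="swap"/ {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^UUID=/) { gsub(/^UUID="|"$/, "", $i); print $i; exit }
    }'
}

# Point the swap entry of fstab file $1 at UUID $2, or append an entry if the
# file has none. The original is kept as $1.bak. Returns 1 on a malformed UUID.
update_fstab_swap() {
    case $2 in
        ''|*[!0-9a-fA-F-]*) echo "refusing UUID: '$2'" >&2; return 1 ;;
    esac
    cp -p "$1" "$1.bak" || return 1
    awk -v u="$2" '
        /^[ \t]*#/   { print; next }
        $3 == "swap" { $1 = "UUID=" u; found = 1 }
        { print }
        END { if (!found) print "UUID=" u " none swap sw 0 0" }
    ' "$1.bak" > "$1"
}

# Run both steps against constructed files in a temp dir; print the new entry.
demo_swap_fix() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/blkid.txt" <<'EOF'
/dev/sda1: UUID="11111111-2222-3333-4444-555555555555" TYPE="ext4" PARTUUID="0a1b2c3d-01"
/dev/sda5: LABEL="swap0" UUID="99999999-8888-7777-6666-555555555555" TYPE="swap" PARTUUID="0a1b2c3d-05"
EOF
    cat > "$dir/fstab" <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=11111111-2222-3333-4444-555555555555 / ext4 errors=remount-ro 0 1
UUID=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee none swap sw 0 0
EOF
    uuid=$(swap_uuid_from_blkid < "$dir/blkid.txt")
    update_fstab_swap "$dir/fstab" "$uuid" || return 1
    awk '$3 == "swap"' "$dir/fstab"
    rm -rf "$dir"
}

demo_swap_fix
```

On a live system the inputs would be the output of `blkid` and `/etc/fstab` itself, and `swapon -a` then activates the swap entries listed there.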


  • Re-Sizing Linux Storage

    Continuing from this article https://anyware.com.sg/debian11-128mb/

    While testing out the file server services, the storage space soon filled up.

    That’s when I realised I had provisioned only 16GB of storage, most likely because I thought I wouldn’t be doing anything else besides sftp testing.

    So how exactly did I increase the storage size…

    There are a couple of options at hand for me to do this.

    1. Add an additional virtual disk and mount it as a folder for the shares
    2. Expand the current virtual disk and partition the extra free space and mount it as a shared folder
    3. Expand the current virtual disk and repartition the disk so there is no need for additional mounts

    Since I was in an experimenting mood, I opted for option 3.

    The process would look like this, or at least I thought so:

    • Expand virtual disk to 120GB
    • Delete the current partition and recreate it
    • Resize the volume to take up the full capacity of the disk.

    The actual process, as I had to do additional procedures to correct some of the actions which didn’t go as expected:

    1. Expand virtual disk to 120 GB -> easy peasy..
    2. Delete the current partition and recreate it

    I wasn’t so sure if this would go well, but who cares, it’s my test system anyway…

    I used

    cfdisk 

    which is more user friendly.

    Deleted the primary, extended and Linux swap partitions.

    Then re-added the partitions with a larger primary partition of 116GB, followed by the extended and swap partitions.

    Paid particular attention to enabling Boot on the primary partition before committing the changes.

    So far so good…. ran

    resize2fs /dev/sda1 

    hoping to see the new disk size.

    The command returned to say something like: no changes found, no changes made.

    Thought rebooting the system would show the increase in partition, or break the system…

    The reboot happened but it took way longer than usual. There were error messages like “missing swap partition” and “Gave up waiting for suspend/resume device”.

    Didn’t know what it meant, so proceeded to resize the volume, and this time the volume expansion was successful and it showed the full volume size.

    Then checked up why swap was not in use… that’s when I found that a couple of things must be done to fix it.

    What happened to Swap….

    Creating a swap partition alone is not enough for the system to use it; it has to be initialized and activated. Please read the linked article on how to activate the swap partition.


  • Debian 11 on 128 MB RAM

    Coming from Win 3.1 days, I can’t fathom what the craze is with modern operating systems gobbling GBs of RAM. Therefore I took it on myself to find which modern OS can smoothly run with the least amount of RAM. So I set out some parameters the OS should serve: it should have the complete networking stack with the latest security modules, like network encryption, and system utilities.

    The OS: Debian 11, the latest release; the least RAM the installer allows is 128 MB.
    Function of the system: Secure File Transfer Server

    Read on to see the challenges I encountered with the text mode setup and the arcane file partitioning process.


    The Process

    I started the VM with 64MB RAM; the installer aborts with an insufficient RAM message.

    So I doubled the size to 128MB; this time the installer came up with a different message: a warning about low RAM and the minimum of 273 RAM required to successfully complete the installation. It didn’t stop me from proceeding, though…

    Low Memory install mode.

    In this mode, the installer doesn’t load all the drivers/modules which would cater to a wider range of hardware types; instead it prompts for the hardware type to load.

    I selected the following modules from the above options for my vm type:

    • Choose mirror
    • NIC modules
    • MBR
    • Parted
    • Partman -Auto

    When prompted for NIC selection, it’s impossible to go to the next step with the wrong NIC type. The installer verifies the selection first, just like the good old days of installing Linux/Windows 95.

    Low RAM didn’t have much impact on the installation process; it completed only about a couple of seconds slower than a VM with about 2GB RAM.

    Performance

    Minute boot delay compared to a standard VM with 2GB of RAM.

    It handled multiple sftp connections without dips in the transfer chart.

    Tried both SFTP and SMB services; the OS can manage these services pretty well.

    File transfers via SMB peak at up to 800Mbs.

    So what a VM of 128MB gives you…

    • File server catering to up to 10 users
    • SSH based VPN
    • SFTP server
    • OpenVPN server

    [Screenshots: Debian on 128MB RAM; memory utilisation]

    There you have it, Debian 11 32bit running on 128 MB RAM and utilising half the resource while running idle.


  • Phishing Activities in 2022

    Phishing scams continue to plague the internet in 2022, more now than ever. This article explores the latest data and current trends and shows you how to avoid a phishing attack today.

    Cybercrime consultants have found over a million discrete phishing attacks perpetrated this year, which is up by 61% compared with the same time period in 2021.

    In a recent sophisticated phishing attack, customers of the Dutch bank MKB were targeted with a fake newsletter that purported to be from MKB.

    The newsletter asked customers to follow a link to find out more about how the bank was supporting customers through the pandemic. The link took victims to a phony authorization page that stole their Outlook login credentials.

    This is the kind of cybercrime that was on the rise in 2022.

    More news/attack information unfolds in the complete article in the link below:

    https://www.wizcase.com/blog/phishing-wrapping-up-a-record-breaking-year/


  • What is Advanced Malware Protection

    Malware is a serious threat to both individuals and enterprises. It can compromise your sensitive data, disrupt operations, and even cause physical damage to computer systems. That’s not the end of the rope, though. If malware infects your system, it could severely damage your company’s reputation in the case of a data breach. In addition, data breaches usually require a settlement to affected customers, which is very costly. As if regular malware wasn’t enough, we’ve got bigger, smarter, and worse malware out there. So, it’s important to have advanced malware protection in place to protect your enterprise. 

    In this article, we’ll see what advanced malware protection is and its importance for your business. You’ll also gain a complete understanding of its 4 different types. So without further ado, let’s find out what advanced malware is.

    Read more:

    https://techgenix.com/advanced-malware-protection-guide/?utm_source=email&utm_medium=tgnewsletter&utm_campaign=tgweekly-230117&hq_e=el&hq_m=2209073&hq_l=6&hq_v=ae19da069f


  • How to beef up Microsoft 365 Security

    Microsoft has long used a shared responsibility model for its various cloud services, including Microsoft 365. The model states that Microsoft is responsible only for securing its cloud infrastructure. This means users are responsible for securing their data. But the problem is Microsoft 365 isn’t secure by default. So how do you get around this issue and improve Microsoft 365 security?

    Microsoft 365 deployments have several built-in security mechanisms. You’ll need to take advantage of these mechanisms to get around this issue. Although many security settings are available, some are more important than others. In this article, I’ll discuss 4 key areas to focus your efforts on if you’re just starting with Microsoft 365 security.


  • Playing with Powershell Variables

    Declaring a variable in PowerShell is usually a simple matter. Just specify the variable name, an equal sign, and the value you want to assign to the variable. Then PowerShell will do the rest. Despite this simplicity, you can make working with variables easier with a few extra tricks. For instance, you can define constants and use variables as items

    In this article, we shall see 3 variable-related techniques, including renaming variables, showing all variables, and working with constants.


  • Guide to Cloud Data Security

    Cloud storage is big, convenient, and here to stay. Unfortunately for many companies, cybercriminals are unrelenting in their effort to steal cloud data. For example, Cognyte, a cyber analytics firm, used third-party cloud software to store customer data. A misconfiguration in their cloud data security left one of their databases unsecured. As a result, criminals leaked five billion customer records and passwords. As you can imagine, Cognyte suffered a severe loss of reputation and customer trust. The company is currently facing legal action for the breach.

    You don’t want a similar situation on your hands. Enter cloud data security. This comprehensive security strategy includes all your processes to protect cloud-based information. You can also install software solutions that manage access to your entire cloud infrastructure.

    In this article, we’ll see cloud data protection’s benefits and tools, then the best practices.

Tech News

  • Best Consumer Techs of the Year

    Compiled by Tomshardware: Best SSDs 2022: From Budget SATA to Blazing-Fast NVMe; Best Flash Drives: Fast, Roomy USB Storage in Your Pocket; Best External SSDs and Hard Drives of 2022; Best PC Cases 2022: Our Tested Picks for Your New Build; Best CPUs for Workstations 2022; Best Webcams of 2022; Best College Laptops: Tested Picks […]

  • Windows Server Updates Have Bugs

    Here’s a recently identified problem we’ve been following that can impact your Active Directory environment:

    • New Windows Server updates cause domain controller freezes, restarts (Bleeping Computer)
    • Windows Server November 2022 updates cause LSASS memory leak (Günter Born)

  • Windows Tech Tips and Tricks

    How to Remove Windows 10’s Annoying Search Highlights Icons (Tom’s Hardware); How to auto shutdown Windows when it’s been idle for a while (OnMSFT); How to Transfer a Windows 10 or 11 License to Another PC (Tom’s Hardware); How to Run a Program as a Different User (RunAs) in Windows? (Windows OS Hub); How to Keep Windows Running Smoothly (Tom’s […]
