Blog Category: News

Social Business Software powered by NewPush Alt Ten, a Littleton, Colorado based Social Business Software startup selects NewPush to run its ground breaking software, TurboStack. TurboStack aims at filling the gap between traditional Email, CRM, ERP and other productivity tools and the power of Social Media. NewPush has the infrastructure and know-how to scale applications […]

Today Cisco BGP memory leak (bug ID CSCsw63003) during routine BGP updates caused a 22 minute outage in our downtown Denver facility. An after action report can be found here: Cisco BGP Bug After Action Report. We extend our deepest apologies to all of our customers who were impacted by this outage. We clearly recognize […]

Windows 7 has an interesting feature to determine if there is a working Internet connection. By default, it sends information to Microsoft to about the connection location. The following article explains how this works, and how to reconfigure the setting to regain privacy while maintaining that useful feature: http://blog.superuser.com/2011/05/16/windows-7-network-awareness/

NewPush newsletter – November 2016 edition I would like to welcome you to our newsletter of November 2016. Did you know that NewPush has been in business since 1999 providing stable and reliable service to our customers in both North America and Europe? Our cloud vision was implemented many years prior to the time the […]

By Mark Nyquist ‐ Information Systems Director, Epicor HCM In the wake of the recent security breaches (see links below), I’d like to take just a quick moment to remind everyone that extra vigilance and scrutiny are becoming vital for the security of work and home environments. I’m sure that many of you have already […]

Thoughout the week of October 25th, 2010, we will be upgrading our customers from the Postini/Google SPAM filter to the Red Condor SPAM and Virus filter. As a result of the upgrade, former Postini/Google customers will have more flexibility and more ease of use to access automatically their quarantine. If you have any questions, please […]

***IPPAY NON-INTRUSIVE MAINTENANCE NOTIFICATION*** Duration of Maintenance: 60 minutes Start Time of Maintenance: 10:00pm CST, Thursday, July 2, 2015  Stop Time of Maintenance: 11:00pm CST, Thursday, July 2, 2015 Scope of Maintenance: To ensure the most reliable environment is maintained for our customers, IPpay Technical Services will be performing planned system updates. We expect the […]

The majority of projects in IT are over budget and miss their deadline.  We often notice that IT staff works hard just to stay in one place.  While there are many causes, one of the key factors to mitigate the problem is testing.  In this article, we will define show what happens if you: let testing […]

I had a chance to chat with Dave Simpson recently about our partnership with Zerowait to deliver great value on high end and high quality storage to our customers. Here is the article mentioning our Petabyte Storage Solutions.

Akavit picks NewPush to power the Denver Broncos mail gateway.

This debate over what the future of cryptocurrencies should look like is just heating up, as central banks around the world are developing their own currencies, and legislation is being passed to begin to define the crypto sector.

Okta Security detected unauthorized access to their support system due to a compromised credential, allowing the viewing of certain customer files.

A global coalition of government cybersecurity leaders will announce efforts to boost information sharing about digital threats and take on nefarious cryptocurrency payments when they convene in Washington.

As businesses scramble to take the lead in operationalizing AI-enabled interfaces, ransomware actors will use it to scale their operations, widen their profit margins, and increase their likelihood of pulling off successful attacks.

In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the U.S. Securities and Exchange Commission (SEC) against the Chief Information Security Officer (CISO) of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles.

The UK government called it a “landmark” decision for the future of artificial intelligence (AI). The Bletchley Declaration, has been signed by 28 countries, including the US, the UK, China, six EU member states, Brazil, Nigeria, Israel and Saudi Arabia. 

The average Password Health Score ranges from 70.9 in Northern America to 78.2 in Eastern Europe, indicating a need for improvement across all regions, according to a report. However, the scores improved by nearly two points in the past year, thanks to fewer weak, reused, and compromised passwords.

The FBI has warned that ransomware attackers are targeting third party vendors and services to compromise businesses.

The popular generative AI application ChatGPT experienced recurring outages this week on both the ChatGPT interface and the associated API, according to its own status page.

The spree of attacks against MOVEit environments in May, which are still cascading to downstream victims five months later, capped a concentrated period of damaging attacks against file-transfer services. Progress Software’s MOVEit, Fortra’s GoAnywhere and IBM Aspera Faspex were hit by supply-chain attacks over a three-month span starting in March this year.

Threat groups are finding sophisticated new technologies to target retailers and their customers, as consumers turn to e-commerce channels to find the best discounts.

In the dubious race for popularity among cybercriminals, Redline Stealer appears to be far and away attackers' top choice for malware built to steal lucrative and sensitive data, including cryptocurrency wallet and remote access credentials. 

A security vendor’s 11-month long review of non-public data obtained by investigative journalists at Reuters has corroborated previous reports tying an Indian hack-for-hire group to numerous — sometimes disruptive — incidents of cyber espionage and surveillance against individuals and entities worldwide.

According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have been impacted to date, with millions in the past weeks alone have received notifications that their info was either accessed, leaked, or both after the Russian ransomware gang Clop exploited a security hole in MOVEit back in May to steal files from compromised instances.

Threat intelligence-sharing platform VirusTotal has unveiled new research showing how AI can be used by cyber defenders to enhance malware analysis.

Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform.

OpenAI launched ChatGPT a year ago on November 30, 2022. The public release of the large language model (LLM) chatbot quickly sparked discussion about the societal impact generative AI will have – both good and bad.

The company activated a new feature called iMessage Contact Key Verification in another attempt to block impersonators and sophisticated threat actors abusing its iMessage server infrastructure.

A new cybercrime marketplace, OLVX, has emerged and is quickly gaining new customers looking to purchase tools to conduct online fraud and cyberattacks.

A total of 26,447 vulnerabilities were disclosed in 2023, surpassing the previous year by over 1500 CVEs. The figures come from the latest report by the Qualys Threat Research Unit (TRU), published today.

There has been a wide range of major cybersecurity incidents in 2023, from nation-state espionage campaigns to attackers gaining a gateway to thousands of enterprises through software supply chain vulnerability exploitations.

The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S.

With cybercrime projected to cost $8 trillion in 2023 and businesses, particularly smaller ones, often lacking the resources and expertise to keep up, the digital sector is fast becoming the most vulnerable one.

The year 2023 saw three significant events that raised the stakes for cybersecurity professionals.

The world of information security covers a range of topics, and in such a rapidly evolving field, we sometimes come across unique, unusual and even downright whacky stories. These include bizarre attack methods and cybercriminals getting their comeuppance.

GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor authentication (2FA) on their accounts.

On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globally, observed multiple actors on the Dark Web releasing substantial data leaks. Over 50 million records containing PII of consumers from around the world have been leaked.

The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.

In a recent development on an underground forum, a user is actively promoting the sale of Zeppelin2 ransomware, offering both its source code and a cracked version of its builder tool. This malicious software, known for its destructive capabilities, has caught the attention of cybersecurity experts and law enforcement agencies worldwide.

Distributed denial of service attacks hit an all-time high in 2023, more than doubling year over year in the fourth quarter, Cloudflare said Tuesday in a threat report. The record high year for DDoS attacks coincided with mass exploits of the novel zero-day vulnerability HTTP/2 Rapid Reset, which threat actors used to launch DDoS attacks that broke records during the third quarter of 2023.

A Chinese state-backed research institute claims to have discovered how to decrypt device logs for Apple's AirDrop feature, allowing the government to identify phone numbers or email addresses of those who shared content. China has a long history of censoring its people, requesting Apple block access to mobile apps, blocking encrypted messaging apps, such as Signal, and creating the Great Firewall of China to control what sites can be visited in the country.

Kaspersky’s Global Research and Analysis Team (GReAT) has unveiled a new, lightweight method to detect sophisticated iOS spyware, including notorious threats like Pegasus, Reign and Predator.

With elections expected to occur in over 50 countries in 2024, the misinformation threat will be top of mind. OpenAI, the developer of the AI chatbot ChatGPT and the image generator DALL-E, has announced new measures to prevent abuse and misinformation ahead of big elections this year.

Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten (94%) cyber decision-makers had to deal with a phishing attack, according to email security provider Egress. This is up 2% from the previous year, Egress’ Email Security Risk Report 2024 found.

Apple pushed out a security update for iPhone this week featuring a brand-new Stolen Device Protection for iPhone feature. Stolen Device Protection restricts the user's ability to make critical changes to the device settings when the device is not in a familiar location such as the user's home.

The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost certainly the largest ever discovered. The supermassive MOAB (Mother of all breaches) does not appear to be made up of newly stolen data only and is most likely the largest compilation of multiple breaches (COMB).

Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.

Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230.

Data compromises were more abundant and organizations were less forthright about the root cause of cyberattacks throughout 2023, according to the Identity Theft Resource Center’s annual data breach report. The number of data compromises reported in the U.S. last year jumped 78% to a record high of 3,205 incidents, the non-profit organization said Thursday. These compromises ultimately impacted more than 353 million victims, including individuals affected multiple times.

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption.

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses.

Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs. The previous record-high figure was set in 2021, with ransomware payments amounting to $983 million, surpassing the preceding record of $905 million in 2020 by approximately 10%.

A study by Surfshark, a VPN service provider, has revealed that ethical hackers, or white hat hackers, played a vital role in improving cybersecurity in 2023 by identifying 835 vulnerabilities across 105 websites.

Ransomware operators were especially successful targeting critical zero-day vulnerabilities in widely used IT products.

Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership.

Apple on Wednesday unveiled PQ3, a new post-quantum cryptographic protocol for iMessage that is designed to protect encrypted communications even against future quantum computing attacks.

Although it's been sitting there since 2000, researchers were just recently able to suss out a fundamental design flaw in a Domain Name System (DNS) security extension, which under certain circumstances could be exploited to take down wide expanses of the Internet.

Google is testing a new feature to prevent malicious public websites from pivoting through a user's browser to attack devices and services on internal, private networks. More simply, Google plans to prevent bad websites on the internet from attacking a visitor's devices (like printers or routers) in your home or on your computer.

NIST on Feb 26th announced the official release of version 2.0 of its Cybersecurity Framework (CSF), the first major update since its creation a decade ago.

Despite arrests, infrastructure seizure and international law enforcement efforts, LockBit ransomware has resurfaced, promising robust security and threatening aggressive cyber attacks on UK and USA government sectors.

The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their site and infrastructure.

Lookout recently discovered an advanced phishing kit exhibiting novel tactics to target cryptocurrency platforms as well as the Federal Communications Commission (FCC) via mobile devices.

Google’s new Security Command Center Enterprise (SCC Enterprise) could streamline cloud risk management through AI automation, saving security teams time, experts say. Enhanced with Mandiant threat intelligence and generative AI, SCC Enterprise aims to offer comprehensive insights across the cloud security lifecycle.

The NIST Cybersecurity Framework (CSF) 2.0, an evolution of its predecessor, is a comprehensive guide designed to assist organizations across various sectors in managing and mitigating cybersecurity risks effectively.

DDoS attacks against the financial services sector historically accounted for about 10-15% of all attacks, however that trend began to rise in 2021, the FS-ISAC and Akamai found.

APIs were the target of 29% of web attacks in 2023, with cybercriminals exploiting the swiftly growing API economy for new avenues of attack, according to a report from Akamai.

It’s been three months since the Securities and Exchange Commission’s cyber disclosure rules took effect and rather than creating a deluge of incident revelations, only a trickle has emerged.

In a proactive measure to enhance user security, Google has announced an update to its Chrome browser, effectively patching a series of vulnerabilities, including the zero-day flaw CVE-2024-3159, unveiled at the Pwn2Own hacking contest in March 2024.

Cybercriminals are looking for ways to integrate large language models (LLMs) into their attacks, and they have three main options: trying to bypass the safeguards on existing LLMs, building their own LLMs, or using uncensored open-source models.

A hacking competition called Pwn2Own 2024 in Vancouver awarded over $1.1 million to participants who discovered vulnerabilities in various software and devices. This security competition incentivizes hackers to discover and report vulnerabilities in widely used software and devices.

Even though the cybersecurity pros I work with haven't fallen for the latest LinkedIn scam, seeing it hit my inbox made me realize just how dangerous and believable these attacks are. The sophistication of this one surprised even me, and that's concerning.

A security vulnerability impacting a significant number of LG smart TVs was recently disclosed. This flaw could allow attackers to remotely seize control of susceptible devices. Researchers at Bitdefender discovered two critical vulnerabilities (CVE-2023-6317 and CVE-2023-6318) that, when combined, could grant unauthorized users complete control over a targeted LG smart TV.

A security researcher discovered a major flaw in self-service check-in terminals used by Ibis Budget hotels in Europe. The terminals were programmed to display room keycodes when a guest entered a series of dashes instead of a booking reference number.

Google Meet is taking a giant leap towards universal online privacy with the expansion of its end-to-end encryption capabilities. Previously exclusive to Google Workspace users, this advanced security feature is now available for calls with individuals outside the Google ecosystem, breaking down barriers and fostering secure communication for everyone.

KnowBe4, a renowned name in cybersecurity awareness training, has announced its strategic acquisition of Egress, a UK-based leader in cloud email security solutions. This move signifies a significant step towards building a comprehensive platform that addresses the ever-growing challenge of human error in cybersecurity.

Millions of Docker repositories were found to be harboring malicious content, raising concerns about software supply chain security. Researchers identified roughly 4.6 million repositories containing no legitimate Docker images and linked nearly 3 million of them to large-scale malware and phishing campaigns.

Researchers revealed two novel attack methods exploiting a critical feature in Intel's high-end processors, the conditional branch predictor. This vulnerability casts a shadow over billions of processors in use worldwide.

A recent survey found that many people still rely on unsafe methods to manage their passwords, both at work and at home. Over half (54%) admitted to using their memory, and a third (33%) said they use pen and paper to store passwords

Google addressed a critical security vulnerability (CVE-2024-4671) in Chrome, the fifth zero-day exploit found this year. This flaw, which resides in the browser's visual rendering component, could grant attackers unauthorized access to data or even control of your computer.

Researchers have uncovered a large network of fake online stores operated by a China-based cybercriminal group called BogusBazaar. This group has defrauded over 850,000 victims so far by creating tens of thousands of deceptive websites.

Google is entering the booming cybersecurity market with a fresh set of security products that leverage both threat intelligence and security operations expertise acquired through Mandiant, a company Google purchased in 2023.

Apple recently released urgent security updates for iPhones, iPads, and macOS to combat various vulnerabilities, including a critical zero-day exploit actively used by attackers. This zero-day flaw, CVE-2024-23296, resides within Apple RTKit, a core operating system component present on most Apple devices.

Scammers are capitalizing on DocuSign's popularity to launch phishing attacks against businesses. A black market thrives for fake DocuSign templates and login credentials, making it easier for attackers to build convincing scams. Phishing emails disguised as DocuSign requests are on the rise.

Apple and Google are joining forces to combat unwanted Bluetooth tracking. A new feature, "Detecting Unwanted Location Trackers," has begun rolling out on iOS 17.5 and Android 6.0+ devices.

There's a rising security risk with customer chatbots, especially those built on readily available general-purpose AI engines. While these chatbots are convenient to develop, securing them is a challenge, as a recent incident demonstrates. In January 2024, a researcher managed to manipulate a chatbot into bad-mouthing its own company.

GitLab recently addressed two critical security vulnerabilities. The first, patched in May 2024 (CVE-2024-4835), is a high-severity flaw in the VS code editor that allows attackers to steal sensitive information through malicious web pages.

The BlackSuit ransomware gang has leaked stolen data from attacks against 53 organizations spanning a year, particularly in the education and industrial goods sectors. This targeted approach suggests they're aiming to maximize profits by hitting businesses more likely to pay high ransoms. Their success is linked, in part, to exploiting weak security measures.

A new report reveals a concerning issue within the public sector: a growing security debt. This term refers to the backlog of unpatched vulnerabilities and outdated systems plaguing government agencies and critical infrastructure.

European banks are facing a significant rise in ATM malware attacks. This malicious software targets ATMs, allowing criminals to steal cash directly from the machines. Security researchers have identified a specific strain called "DispenserSpitter" capable of manipulating the ATM's cash dispensing mechanism.

Fog, a new ransomware operation, has been targeting educational organizations in the US since early May 2024.  This ransomware gains access to victim networks through compromised VPN credentials, highlighting the importance of strong VPN security. 

According to a recent report, Apple has pledged to deliver security updates to iPhones for a minimum of five years after their release. This commitment strengthens Apple's reputation for providing long-lasting software support for its devices.

System logs, which record every action within a computer system, are a double-edged sword. While valuable for security teams to identify suspicious activity, they also provide attackers with a blueprint to your defenses. Hackers can exploit vulnerabilities in logs to discover weak passwords, outdated software, and potential pathways to access sensitive data.

Apple announced a new feature called "Apple Intelligence" at their recent developer conference, marking their entry into the competitive world of artificial intelligence. This feature will personalize user experiences on Apple devices by leveraging generative AI technology.

Traditional methods struggle to keep pace with the growing number and complexity of cyber threats. AI could offer significant advantages by automating tasks, analyzing vast amounts of data, and predicting potential risks.

Atlassian addressed high-risk vulnerabilities in Confluence, Crucible, and Jira through recent security updates. These updates are crucial for mitigating various security weaknesses that could potentially allow attackers to gain unauthorized access to sensitive data, manipulate servers, and cause significant disruptions.

VMware released critical security patches to address remote code execution (RCE) vulnerabilities in vCenter Server. These vulnerabilities could allow attackers to gain full control over affected systems.

A cunning malware campaign is targeting users with fake Google Chrome errors, Microsoft Word errors, and even fake OneDrive errors. These deceptive messages aim to trick people into running malicious PowerShell scripts that can infect their devices with malware.

Google's Project Naptime tackles cybersecurity through a novel method: AI-powered vulnerability research. Unlike traditional manual code audits, Project Naptime employs a large language model (LLM) to mimic a security researcher.

Google recently enhanced Chrome Enterprise Core, a free browser management tool for organizations. These improvements aim to streamline browser control for IT and security teams. While a paid version, Chrome Enterprise Premium, offers advanced security features, Chrome Enterprise Core focuses on configuration and policy management.

A recently discovered vulnerability in OpenSSH servers, designated CVE-2024-6387 and named regreSSHion, poses a significant security risk. This flaw could allow unauthorized actors to remotely execute code on vulnerable systems.

Google is upping the ante on virtual machine security with the launch of kvmCTF, a new bug bounty program. This program specifically targets vulnerabilities within the KVM hypervisor, a technology fundamental to running virtual machines.

Law enforcement has a powerful new tool in the fight against child sexual abuse material (CSAM). Researchers identified thousands of CSAM website users by analyzing information stolen by malware. This innovative approach involves cross-referencing stolen login credentials with known CSAM domains. Combined with publicly available information gathering (OSINT), researchers were able to link stolen credentials to real users.

A recent update to CrowdStrike Falcon caused significant disruptions globally by crashing Windows systems. The update's faulty component led to numerous systems encountering boot loops or the Blue Screen of Death (BSOD).

After the Falcon update caused widespread IT outages, attackers quickly crafted phishing campaigns, posing as CrowdStrike support, to deliver malicious payloads. One notable campaign involves a fraudulent CrowdStrike recovery manual that installs the Daolpu info-stealer.

Researchers have discovered a significant privilege escalation vulnerability in Google Cloud Platform's Cloud Functions, known as "ConfusedFunction." This flaw allows attackers to misuse the Default Cloud Build Service Account to access sensitive Google services such as Cloud Build, storage, and various registries.

Cybersecurity researchers have discovered that threat actors are exploiting Cloudflare's tunnel service, TryCloudflare, to deliver malware. This service, designed to create secure, private connections, is being misused to conceal command-and-control (C&C) infrastructures, evading traditional security measures.

A company has reportedly paid a record-breaking $75 million ransom to the Dark Angels ransomware group, as disclosed in Zscaler's ThreatLabz 2024 Ransomware Report. This ransom, paid in early 2024, is nearly double the highest previously known payment.

A recent study by cybersecurity firm Ironscales reveals that 40% of business email compromise (BEC) lures are now generated using artificial intelligence (AI), highlighting a significant shift in phishing tactics.

A critical security flaw, known as "0.0.0.0 Day," has been discovered in popular web browsers including Chrome, Firefox, and Safari, impacting MacOS and Linux systems. This vulnerability, which has been present for 18 years, allows malicious websites to exploit the 0.0.0.0 IP address to access local services and execute arbitrary code on a user's device.

A significant security vulnerability has been discovered in a widely used RFID system, revealing the presence of a hardware backdoor that could allow attackers to gain unauthorized access to secured facilities and systems.

The FBI has disclosed that the Ransomhub ransomware group has successfully breached 210 victims since February 2024, targeting a wide array of sectors and causing severe disruptions. This group encrypts victims' data and demands significant ransom payments in exchange for decryption keys.

A vulnerability known as "Eucleak" has been discovered in YubiKey security keys, often used for MFA authentication, which allows attackers to clone the keys by exploiting a flaw in a cryptographic library.