he Multi-State Information Sharing and Analysis Center has issued another advisory relating to vulnerabilities in Google Android OS that could allow for remote code executition with no additional privileges needed. This includes, phones, smart watches, tablets and other devices. Threat Intelligence: Google indicates limited, targeted exploitation of CVE-2024-43093 and CVE-2024-50302. Systems Affected: Android OS patch [...]
Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, threat actors could then install programs, view, change, or delete data, or create new accounts [...]
Multiple vulnerabilities have been discovered in Google Android OS (Patch levels prior to 2025-02-05), the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow [...]
Take Charge of Your Data is the theme of Data Privacy Week 2025, an international effort to empower individuals and businesses to respect privacy, safeguard data and enable trust. For more information, resources and helpful tips to protect your data visit the National Cybersecurity Alliance website: https://www.staysafeonline.org/data-privacy-week
What cybersecurity issues and challenges are being predicted for 2025? Here are some links to recent articles published by experts: Cybersecurity Predictions for 2025: Challenges & Opportunities (National Cyber Security Alliance) 4 Cybersecurity Trends to Watch in 2025 (Cybersecurity Dive) Predictions for 2025 and Beyond (Cyber Security Defense Magazine) The Top 25 Security Predictions for [...]
The Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) published a fact sheet providing mitigations and resources for the Water and Wastewater Systems (WWS) Sector using human machine interfaces (HMIs) to limit exposure on the internet and secure them against malicious cyber activity. HMIs enable operational technology owners and operators to [...]
Analysts began monitoring a phishing scam known as “Payroll Pirates” that involves payroll redirection and primarily targets employees of various organizations, particularly those using Workday. The threat actors use malicious SEO poisoning and spoofed Human Resources (HR) pages to trick victims into providing employee portal credentials. Once they gain account access, they change banking information [...]
One of the best ways to protect your data and files is to make sure you are backing up your systems frequently and that your backup is stored securely offline. Read more in this article published by the NJCCIC Backups the Cure for Viral Cyber Infection.
Beware of the Latest Cyber Threats Targeting You This Holiday Season The holiday season presents an attractive target for financially motivated cybercriminals who seek to exploit online retailers and shoppers. Despite the challenges posed by high inflation rates, the National Retail Federation (NRF) predicts a three to four percent increase in retail sales for the [...]
Security researchers have uncovered the newest tricks in TrickMo’s playbook. The latest variant of TrickMo can steal a user’s device PIN or pattern. This new feature also allows threat actors to use the device while it is locked. The malware shows an HTML page displayed in full-screen mode, designed to replicate the Android unlock screen. [...]
© Copyright 2025 | NJ MEL-JIF | All rights reserved
