At the beginning of this week, the U.S. auto industry was thrown into turmoil due to a sweeping software outage caused by a cyber-attack on CDK, the primary technology provider for more than 15,000 retail locations. This disruption significantly impacted dealer management systems crucial for transaction completion. These included profitability tracking and employee compensation management […]
Category: featured
Enhancing Your IT with Robust Cybersecurity Services
When we think of big-picture IT, we often conceptualize fixing existing problems and troubleshooting future issues with workplace technology. However, how many of us consider cybersecurity as an essential part of our IT strategy? Protecting against malicious attacks that could cripple or even shutter our business is increasingly crucial, as recent news stories have […]
Microsoft Rolls Out Critical Cybersecurity Updates
In the realm of cybersecurity, Microsoft’s Patch Tuesday updates for June 2024 stand as a formidable bulwark against a myriad of vulnerabilities, encompassing 51 crucial fixes, including one Critical and 50 Important patches. Complementing this endeavor are the resolution of 17 vulnerabilities in the Chromium-based Edge browser, strengthening defenses against potential exploits. Notably, none of […]
Insights from IT Nation Secure 2024: Key Takeaways for Velox Systems
This past weekend, three of our team members attended the “IT Nation Secure 2024” Conference at the Gaylord Palms Resort and Convention Center near Orlando, Florida. Hosted by ConnectWise, an IT service platform integral to our daily operations, this security conference brought together companies like Velox to attend expert-led classes on cybersecurity. A notable guest […]
MozCon Revelations That Will Shift Cybersecurity Mindset
Last week, as the marketing specialist at Velox Systems, I had the opportunity to attend the MozCon conference in Seattle, Washington. This national conference brings together experts in cybersecurity and marketing from around the world, featuring high-caliber keynote speakers and numerous networking and breakout sessions. At Mozcon, I unearthed revelations that will shift your […]
Unveiling the Stealth: How Threat Actors Harness Microsoft Graph API for Malicious Intent
In a digital landscape where innovation meets nefarious intent, threat actors have honed their craft, wielding tools like the Microsoft Graph API as a double-edged sword. This sophisticated tactic, highlighted by the Symantec Threat Hunter Team, a division of Broadcom, sheds light on a concerning trend: the exploitation of seemingly benign technologies for malicious ends. […]
CISA Issues Alert: Active Exploitation of Microsoft SharePoint Vulnerability by Hackers
In the dynamic realm of cybersecurity, constant vigilance is essential to mitigate emerging threats. Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical security flaw affecting Microsoft SharePoint Server, designated as CVE-2023-24955 with a CVSS score of 7.2, allowing authenticated attackers with Site Owner […]
Cybercriminals Utilizing Well-Known Document Publishing Platforms for Phishing Schemes
Within the rapidly shifting landscape of cyber threats, adversaries are now leveraging Digital Document Publishing (DDP) sites such as FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for phishing, credential harvesting, and session token theft, exploiting the platforms’ favorable reputation, evasion of web filter blocklists, and users’ false sense of security. Craig Jackson from Cisco Talos […]
Ande Loader Malware Sets its Sights on North American Manufacturing Sector
In the ever-evolving landscape of cybersecurity threats, the emergence of Blind Eagle, a financially motivated threat actor utilizing loader malware Ande Loader, highlights the sophistication and adaptability of malicious entities. Targeting Spanish-speaking users in the manufacturing industry across North America via phishing emails laden with RAR and BZ2 archives, Blind Eagle orchestrates a complex infection […]
Microsoft’s Midnight Blizzard Breach: Unraveling the Unprecedented Cybersecurity Threat
In a startling disclosure on Friday, Microsoft unveiled a cyber-security nightmare: the Kremlin-backed threat actor Midnight Blizzard, also known as APT29 or Cozy Bear, successfully breached some of the tech giant’s critical source code repositories and internal systems. This revelation, stemming from a hack in November 2023 that surfaced in January 2024, not only underscores […]