West Coast Technology Professionals

West Coast Technology Professionals: the IT support solution you need for your business, family, and home. WCTP is your one-stop boutique. At WCTP we are not just your technology support team.

We are your trusted partner in providing expert technology guidance. All of our technicians go above and beyond to make certain that you are fully satisfied with the quality and completion of their work. With technology changing so quickly, it is essential to have an IT partner with the up-to-date skills and knowledge that allow your business to thrive. WCTP provides technology support & management services for Orange County. We are your advocate in the complex world of technology.

01/24/2023

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation.

The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content.

While it was originally addressed by the company on November 30, 2022, as part of iOS 16.1.2 update, the patch was expanded to a broader set of Apple devices with iOS 15.7.2, iPadOS 15.7.2, macOS Ventura 13.1, tvOS 16.2, and Safari 16.2.

The latest update, iOS 12.5.7, extends the fix to iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering the vulnerability, although exact specifics surrounding the exploitation attempts in the wild are currently unknown.

The update comes as Apple released iOS 16.3, iPadOS 16.3, macOS Ventura 13.2, watchOS 9.3, and Safari 16.3 to remediate a long list of security flaws, including two bugs in WebKit that could lead to code execution.

macOS Ventura 13.2 also plugs two denial-of-service vulnerabilities in ImageIO and Safari, alongside three flaws in the Kernel that could be abused to leak sensitive information, determine its memory layout, and execute rogue code with elevated privileges.
It's not all bug fixes, though. The updates also bring with them the ability to use hardware security keys to lock down Apple IDs for phishing-resistant two-factor authentication. They also expand the availability of Advanced Data Protection outside of the U.S.

💻 https://www.wctechpro.com/smcontactpage

📲 949.625.4270

📧 [email protected]

Credit: https://thehackernews.com/2023/01/apple-issues-updates-for-older-devices.html

01/19/2023

Another malware for rent named Hook has been released by the threat actor responsible for the BlackRock and ERMAC Android banking trojans. Hook adds new features to access files stored on the devices and establish a remote interactive session.

Additionally, it expands its toolkit's Remote Access Tooling (RAT) capabilities, joining families like Octo and Hydra that can perform a full Device Take Over (DTO) and finish an entire fraud chain, from PII exfiltration to transaction, with all necessary intermediate steps, without the use of additional channels.

The malware, like other Android malware of a similar nature, takes advantage of Android's accessibility services APIs to carry out overlay attacks and gather various types of sensitive data, including contacts, call logs, keystrokes, two-factor authentication (2FA) tokens, and even WhatsApp messages.

The ability to obtain files, extract seed phrases from cryptocurrency wallets, track the location of the phone, and remotely view and interact with the infected device's screen are a few other significant features that have been added to Hook, blurring the distinction between spyware and banking malware.

If you are concerned about your network security and would like a free evaluation contact us today!


01/17/2023

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to gain unauthorized access to cloud resources.

SSRF attacks can have serious consequences, as they enable a malicious interloper to read or update internal resources and, worse, pivot to other parts of the network, breaching otherwise unreachable systems to extract valuable data.

A brief summary of the four vulnerabilities is as follows:
* Unauthenticated SSRF on Azure Digital Twins Explorer via a flaw in the /proxy/blob endpoint that could be exploited to get a response from any service that's suffixed with "blob.core.windows[.]net"
* Unauthenticated SSRF on Azure Functions that could be exploited to enumerate local ports and access internal endpoints
* Authenticated SSRF on Azure API Management service that could be exploited to list internal ports, including one associated with a source code management service that could then be used to access sensitive files
* Authenticated SSRF on Azure Machine Learning service via the /datacall/streamcontent endpoint that could be exploited to fetch content from arbitrary endpoints
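The suffix check described in the first bullet is the classic SSRF mistake: every Azure storage account ends in the same DNS suffix, so a suffix match admits an attacker-controlled account just as readily as the intended one. The following is an added example, not Microsoft's code and not taken from the advisory, contrasting that weak pattern with the validation a server-side proxy should perform before fetching a user-supplied URL. The allowlisted host `contoso.blob.core.windows.net` is hypothetical, and the DNS resolver is injectable so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical allowlist: the exact storage accounts this proxy is allowed to reach.
ALLOWED_HOSTS = {"contoso.blob.core.windows.net"}

# Ranges a server-side fetch must never reach: loopback, RFC 1918, link-local
# (169.254.169.254 is the cloud instance-metadata service) and their IPv6 equivalents.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]


def suffix_check(url: str) -> bool:
    """The weak pattern: accept any host that ends in the trusted suffix.
    Every storage account in the world ends in blob.core.windows.net, including an attacker's."""
    host = (urlsplit(url).hostname or "").lower()
    return host.endswith("blob.core.windows.net")


def resolve(host: str) -> list[str]:
    """Live DNS lookup; swapped out in tests so the example runs offline."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def is_safe_target(url: str, allowed_hosts=ALLOWED_HOSTS, resolver=resolve) -> tuple[bool, str]:
    """Hardened check: exact-host allowlist, HTTPS only, no embedded credentials or odd
    ports, and every address the host resolves to must be outside the internal ranges."""
    try:
        p = urlsplit(url)
        port = p.port            # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed url"
    if p.scheme != "https":
        return False, "scheme must be https"
    if p.username is not None or p.password is not None:
        return False, "credentials in url"
    if port not in (None, 443):
        return False, "unexpected port"
    host = (p.hostname or "").lower().rstrip(".")
    if host not in allowed_hosts:
        return False, "host not allowlisted"
    for ip in resolver(host):
        if any(ipaddress.ip_address(ip) in net for net in BLOCKED_NETS):
            return False, f"{host} resolves to internal address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed inputs: an attacker-owned account passes the suffix check but not the allowlist.
    attacker = "https://attacker.blob.core.windows.net/container/blob"
    print(suffix_check(attacker), is_safe_target(attacker, resolver=lambda h: ["20.60.1.1"]))
    print(is_safe_target("https://contoso.blob.core.windows.net/c/b", resolver=lambda h: ["20.60.1.1"]))
```

The resolver check matters even with an allowlist, because a DNS answer can change between validation and use; the client that performs the fetch should also refuse to follow redirects, or re-run `is_safe_target` on every redirect target, since a redirect is the usual way an allowlisted host is turned into a request to the metadata service.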

If you work from Microsoft Azure and need help with the mitigation process to keep you and your software safe, contact us today for a free evaluation!


Information sourced from thehackernews.com

01/05/2023

WCTP SecOps team is actively monitoring an OS command injection vulnerability (CWE-78, CVE-2022-39947) in FortiADC, Fortinet’s Application Delivery Controller. An attacker with access to the web GUI may execute malicious commands via HTTP requests due to improper neutralization of special elements. It is being tracked as CVE-2022-39947 with a CVSS score of 8.6 and can lead to remote code execution (RCE). Fortinet has released patches for the 5.4.x, 6.2.x and 7.0.x software versions.

Affected Products:

FortiADC version 7.0.0 through 7.0.1
FortiADC version 6.2.0 through 6.2.3
FortiADC version 5.4.0 through 5.4.5
FortiADC all versions 6.1
FortiADC all versions 6.0
How to Mitigate:

Follow the steps outlined in Fortinet’s PSIRT Advisory as soon as possible:

Upgrade to FortiADC 7.0.2 or above
Upgrade to FortiADC 6.2.4 or above
Upgrade to FortiADC 5.4.6 or above
WCTP SecOps has NOT seen any indicators of compromise in our partners’ environments.

We will continue to actively monitor for any indicators of compromise associated with this vulnerability.
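CWE-78 is the weakness class, not a FortiADC detail: a request parameter is spliced into a command line that a shell interprets, so characters the shell treats as operators (`;`, `|`, `&`, backticks, `$( )`) turn a parameter into a second command. The block below is an added, generic illustration of that pattern and its fix, written for this post; it is not Fortinet's code and says nothing about how CVE-2022-39947 is triggered. The `ping` endpoint, the hostname allowlist and the attacker string are all constructed for the example.

```python
import re
import shlex
import subprocess

# Strict allowlist for the one value this endpoint should accept: a hostname or IPv4 literal.
# Spaces, ; | & $ ` ( ) quotes and a leading '-' are all rejected before they reach a process.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def is_valid_host(value: str) -> bool:
    return bool(_HOST_RE.match(value))


def vulnerable_command(host: str) -> str:
    """The CWE-78 pattern: a request parameter pasted into a shell command line.
    Returned rather than executed so its effect can be inspected safely."""
    return f"ping -c 1 {host}"


def shell_tokens(cmdline: str) -> list[str]:
    """Tokenise the way a POSIX shell would, with ; | & ( ) < > as operators.
    Shows the attacker's text becoming a separate command instead of an argument."""
    return list(shlex.shlex(cmdline, posix=True, punctuation_chars=True))


def safe_argv(host: str) -> list[str]:
    """Hardened form: validate against the allowlist, then build an argv list.
    With a list there is no shell to interpret metacharacters, and the no-leading-hyphen
    rule stops the value from being parsed as an extra ping option."""
    if not is_valid_host(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    return ["ping", "-c", "1", host]


def run_ping(host: str) -> int:
    """Execute the hardened command without a shell; returns ping's exit status."""
    return subprocess.run(safe_argv(host), shell=False, timeout=10,
                          capture_output=True).returncode


if __name__ == "__main__":
    payload = "8.8.8.8; id"                              # constructed attacker input
    print(shell_tokens(vulnerable_command(payload)))     # 'id' shows up as its own command
    print(safe_argv("example.com"))
    try:
        safe_argv(payload)
    except ValueError as e:
        print("blocked:", e)
```

The two halves of the fix are independent and both are needed: the allowlist keeps hostile values out of the argument, and the argv list (no `shell=True`) removes the interpreter that would have given those values meaning. Validation alone is brittle, since any gap in the regex becomes a bypass, and an argv list alone still lets `-f` or `-c 1000000` through as option injection.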

01/05/2023

SaaS-to-SaaS phishing attack:
The SaaS-to-SaaS phishing attack technique is a hard-to-detect method wherein attackers use a multi-stage attack chain.
* This phishing attack starts with the delivery of a fake invoice, secure document, or PDF hosted on cloud services.
* The document is either downloaded or opened through the cloud service's own viewer so the user can view the PDF.

These phishing emails are hard to detect at the time of scanning because their components, including the content and the URLs, appear legitimate.

Multi-stage cloud phishing attack:
Hackers are actively using multi-stage cloud phishing techniques that combine traditional phishing with second-phase or even third-phase actions.
* Attackers steal an employee’s email and establish a new Office 365 account on a rogue device in the victim’s name.
* Further, they use the victim’s legitimate user account (established on the rogue device) to internally send phishing emails to other employees or to their customers.
* They then steal other employees' accounts through this internal phishing and deploy malware on the compromised systems.

Other novel phishing techniques:
Last month, experts demonstrated how complex attacks can be automated to create a full infection flow, from spear-phishing to reverse shell, using AI models.
* With the addition of an AI Chatbot, attackers can generate millions of spear phishing messages, multiple scripts with variations, and other malicious artifacts in seconds.
* Hackers are using Smishing (SMS+Phishing), QRishing (QR Codes + Phishing), and SMishing + QRishing+ social engineering tactics delivered to victims via cloud hosting platforms.
* Last year, attackers used these above-mentioned techniques to launch several prominent attacks against LinkedIn, Microsoft Azure AD, Dropbox, Uber, and other companies.

If you would like a complete evaluation of your network's security, contact us today!


01/03/2023

Cyberattacks are surging. Healthcare systems and other critical sectors are increasingly coming under more digital assaults as the threat of malware, ransomware and spyware continues to evolve. Securing critical infrastructures plays a key part in mitigating cyber risks.

If you are concerned about your network security and would like a free consultation, contact one of our IT specialists today.

Four major cyber concerns are expected to take priority in 2023.

1.) Critical Sectors such as financial, energy and health care. All of them have already experienced a skyrocketing number of hacks and these industries have been robbed of hundreds of millions of dollars. Not only have they been robbed of money but they have had their data exposed and essential services shut down.

2.) Ransomware attacks have had a dramatic spike, particularly in the health care and financial sectors. These attacks have caused outages in multiple hospitals, have closed schools in the U.S., and hit a number of government agencies in Costa Rica, leading the country to declare a state of emergency last May.

3.) Foreign Spyware is gaining more attention after NSO Group facilitated unlawful surveillance against government officials, journalists, dissidents and human rights activists.

4.) Labor Shortage is a concern because with the rising cyber attacks there is a new urgency for cyber roles in both private companies and federal agencies. The cyber workforce is minimal and these organizations are desperately seeking to fill these new roles to keep themselves safe.


12/30/2022

The password manager’s most recent data breach is so concerning, users need to take immediate steps to protect themselves.

For the security service's 25.6 million users, though, the company made a worrying announcement on December 22: A security incident the firm had previously reported (on November 30) was actually a massive and concerning data breach that exposed encrypted password vaults. The breach also includes other customer data, including names, email addresses, phone numbers, and some billing information.

Now, nearly a week since the disclosure, the company has not provided additional information to confused and worried customers. And the timing is significant, because a big question is how long it will take attackers to start “cracking,” or guessing, the keys used to encrypt the stolen password vaults. If attackers have had three or four months with the stolen data, the situation is even more urgent for impacted LastPass users than if hackers have had only a few weeks.

If you use LastPass and want to make sure your data is protected, contact us today to schedule a free consultation.


For more information visit: https://www.wired.com/story/lastpass-breach-vaults-password-managers/

12/27/2022

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections.

This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain.

BlueNoroff created numerous fake domains impersonating venture capital companies and banks. Some of the bogus domains have been found to imitate ABF Capital, Angel Bridge, ANOBAKA, Bank of America, and Mitsubishi UFJ Financial Group.

The group has previously been associated with high-profile cyber assaults aimed at the SWIFT banking network between 2015 and 2016, including the audacious Bangladesh Bank heist in February 2016 that led to the theft of $81 million.

Since at least 2018, BlueNoroff appears to have undergone a tactical shift, moving away from striking banks to solely focusing on cryptocurrency entities to generate illicit revenues.

If you have questions about your network security or would like a free evaluation contact our network specialists today!


12/22/2022

Zoom has patched a cross-site scripting (XSS) bug that worked in both the desktop and web versions of its Whiteboard app.

Cross-site scripting (also known as XSS) is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application.

Whiteboard supports several types of objects, including text, shapes, rich text, images, and sticky notes.

There are two factors that make it difficult to find and plug such bugs. First is the breadth and depth of JavaScript web APIs that support additional features and second is the growing overlap between web and native/desktop applications.

There are flaws in third-party dependencies. Code scanning tools did not pick up the actual [Zoom] vulnerability because the user input flowed through a third-party dependency. Typically, code scans in CI/CD pipelines do not install third-party dependencies and run only on the project source code. The takeaway here is to be very aware of the third-party components you are using and how you are using them.

If you are interested in learning more about vulnerabilities and how they can be affecting you and your business, or would like a free consultation, contact us today.


12/20/2022

Apple just rolled out iOS 16.2, a software update that includes a key new feature called Advanced Data Protection for iCloud. That means you can finally enable end-to-end encryption for your iCloud backups so no one but you—not even Apple—can access your iCloud data.

The fact that iCloud backups haven’t offered the option of end-to-end encryption until now has long been a point of controversy. iCloud backups of the Messages app were of particular concern because Apple could still hand over certain types of data within the backups to law enforcement.

How to turn on Advanced Data Protection

1. Turn on two-factor authentication for your Apple ID if you haven’t done so already.

2. Update all your Apple devices to iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2, or newer. 

3. On an iPhone or iPad, open Settings (or System Settings on a Mac) > [Your name] > iCloud > Advanced Data Protection > Account Recovery, and set up at least one recovery method (a recovery contact or a recovery key). This step is required because once end-to-end encryption is on, Apple no longer holds the keys and cannot help you regain access to your data.

4. Head back to Settings > [Your name] > iCloud > Advanced Data Protection, tap Turn on Advanced Data Protection, and then follow the on-screen prompts.

For more information visit https://www.nytimes.com/wirecutter/reviews/how-to-set-up-apples-new-icloud-encryption-security-feature/

If you need help with your data protection contact us today!

12/15/2022

Russian-affiliated ransomware group LockBit reportedly claimed the California Department of Finance was one of its latest victims.

LockBit has claimed hundreds of high-profile organizations as victims and threatened to leak data if unspecified demands were not met by Dec. 24. Cybersecurity experts say those demands typically involve money.

LockBit operates on what’s known as a ransomware-as-a-service basis, according to a threat analyst for an anti-virus software company. This simply means that people can sign up as affiliates and use the ransomware to carry out attacks, splitting the proceeds with the people who created it, and those affiliates can be based anywhere.

LockBit has been deployed against at least 1,000 victims in the United States and around the world. LockBit affiliates have made at least $100 million in ransom demands and have extracted tens of millions of dollars in actual ransom payments from their victims.

Are you concerned if your data is secure? If you want more information or a free consultation contact us today!


12/02/2022

Password manager LastPass has told customers that some of their information has been accessed in a cybersecurity breach, but says passwords remain safe.

LastPass is one of several password managers on the market that aim to reduce the reuse of passwords online by storing them in a single app. It also makes it easier for users to generate strong passwords as required.

In August, LastPass determined that some of its source code and technical information was taken through unauthorised access to a third-party storage service the company had been using.

After an investigation the company said that, while the threat actor had been able to access the company’s development environment, the system had prevented access to customer data or encrypted passwords.

At the time LastPass said the attacker had taken portions of source code and some proprietary LastPass technical information, but believed the risk to the app was limited.

LastPass said that its production environment was physically separate from the development environment and not directly connected. The company also conducted an analysis of its source code and production builds to verify there were no attempts to inject malicious code.

Is your company's network protected? If you are unsure or interested in more information on Network Security, contact us today.

Address

San Clemente, CA
92672
