Dave’s LIfe – DavidJohnston.org

I’m back!

February 16, 2020 by Dave

My wife Grace just started a blog for a class she’s taking. Seeing her post each week, made me think about how much fun I had blogging years ago. I had a blog from 2004 to about 2013 with several names including dave.sonic.net, AngryVillagers.net, and FriendsofDave.org. I liked having a place to capture my thoughts. …

Microsoft Exchange Server Exploits Hit Retail, Government, Education March 5, 2021
Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities.
5 Ways Social Engineers Crack Into Human Beings March 5, 2021
These common human traits are the basic ingredients in the con-man's recipe for trickery.
Business Apps Spoofed in 45% of Impersonation Attacks March 4, 2021
Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.
Healthcare Still Seeing High Level of Attacker Activity March 4, 2021
Interest in vaccines is driving all sorts of activity, reports say, from vaccine-specific phishing to growing bot traffic on healthcare sites.
New Social Security Scam Spoofs Government Badges March 4, 2021
Criminals text or email photos of fake government identification badges to trick people into sending money.
Qualys Is the Latest Victim of Accellion Data Breach March 4, 2021
Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.
More Details Emerge on the Microsoft Exchange Server Attacks March 3, 2021
The attacks seem more widespread than initially reported, researchers say, and a look at why the Microsoft Exchange Server zero-days patched this week are so dangerous.
How SolarWinds Busted Up Our Assumptions About Code Signing March 3, 2021
With so much automation in code writing process, results are rarely double-checked, which opens the door to vulnerabilities and downright danger.
How Enterprises are Developing Secure Applications March 3, 2021
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks March 2, 2021
Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.