Gary Langston

Cyber Monday brings incredible deals—but it also attracts cybercriminals looking to exploit shoppers . Fraudsters use fake websites, phishing emails, and misleading ads to steal money, personal information, or identities. Common Scams Fake retailer sites : Look-alike domains with odd spellings or missing security (no HTTPS). Phishing emails & texts : “Exclusive deals” or “delivery issues” that link to malicious sites. Too-good-to-be-true offers : Deep discounts on electronics, gift cards, or luxury items. Charity scams : Fraudulent donation sites targeting Giving Tuesday generosity. How to Stay Safe Shop only on trusted, secure websites (look for HTTPS). Type retailer URLs directly— don’t click links in emails or ads. Use credit cards for stronger fraud protection. Compare prices across trusted platforms to spot fake “discounts.” Verify charities before donating. Report Fraud If you suspect a scam: Contact your bank or credit card provider immediately . Report ...

  CodeRED emergency alert system is currently down across many regions in the U.S. following a ransomware attack on its vendor, Crisis24. The incident has disrupted critical emergency communications and exposed user data. What Happened Attack Type : Ransomware Threat Actor : INC ransomware group Target : OnSolve CodeRED platform (owned by Crisis24) Impact : Emergency alerts (weather, missing persons, terror threats) are unavailable in many municipalities. Personal data compromised : names, addresses, emails, phone numbers, and passwords used to create CodeRED accounts. Key Details Date of Outage : Began in early November 2025, publicly confirmed Nov 26 Scope : Hundreds of municipalities affected nationwide Response : Crisis24 is migrating customers to a new CodeRED platform hosted in a separate, hardened environment. Some cities (e.g., Douglas County, CO) have terminated their CodeRED contracts and are seeking replacements. Others are using social media, door-...

  Microsoft is enhancing Entra ID authentication security by enforcing a stricter Content Security Policy (CSP) that blocks external script injection starting in mid-to-late October 2026. This change will prevent unauthorized scripts from executing during browser-based sign-ins. What’s Changing in Entra ID Authentication As part of Microsoft’s Secure Future Initiative , Entra ID will implement a hardened Content Security Policy (CSP) for sign-in pages hosted at login.microsoftonline.com . This update will: Block external script injection , including inline scripts from untrusted sources. Allow only scripts from Microsoft-trusted domains (e.g., Microsoft CDN). Mitigate cross-site scripting (XSS) and other injection-based attacks during authentication. This change does not affect Microsoft Entra External ID or non-browser-based sign-in experiences. What Admins Should Do To prepare for the rollout: Stop using browser extensions or tools that inject scripts into the En...

  Microsoft is currently experiencing an Exchange Online outage today (Nov 25, 2025). The issue is preventing many users from connecting to their mailboxes via the classic Outlook desktop client, with impact reported across Asia Pacific and North America. Microsoft has acknowledged the incident under ID EX1189820 and is actively investigating.  As a workaround, users can still access mailboxes through Outlook on the Web (OWA) Details of Today’s Exchange Outage Incident ID : EX1189820 Start Time : 09:57 AM UTC (Nov 25, 2025) Impact : Users unable to connect to Exchange Online mailboxes in the classic Outlook desktop client. Login and server connection failures reported. Regions Affected : Asia Pacific and North America. Workaround : Microsoft advises using Outlook on the Web (OWA) until the issue is resolved. Additional Issue : A separate incident is also affecting search functionality in the Outlook desktop client, acknowledged earlier today at 05:05 AM UTC. ...

  What Happened? On November 12, 2025 , SitusAMC detected unauthorized access to its systems. Hackers exfiltrated sensitive corporate and client-related data. The attack did not involve ransomware or encrypting malware , suggesting the goal was data theft rather than disruption. [techcrunch.com] Data Impacted Corporate data : Accounting records, legal agreements, and internal contracts. Client-related data : Information tied to residential mortgage loans, which may include personally identifiable information (PII) such as Social Security numbers and financial details. The exact scope and number of affected individuals is still under investigation. [ibtimes.co.uk] Who Is Affected Major U.S. banks including JPMorgan Chase, Citigroup, and Morgan Stanley were notified that their data may have been exposed. SitusAMC works with hundreds of lenders, so the potential ripple effect across the financial sector is significant. [webpronews.com] SitusAMC has contained the breach,...

What is Ghost Tapping? Imagine you have a magic card that buys things when you tap it on a special machine. That magic works because the card and the machine can “talk” when they’re really close—like whispering secrets. Ghost Tapping is when a sneaky person uses that magic without asking you. How do they do it? Bump-and-Scan: Picture someone with a secret machine hiding in their pocket. If they bump into you in a busy place, their machine can “whisper” to your card and take a little bit of money—without you even noticing. Fake Seller: They act like they’re selling something or collecting donations. They might charge way more than you agreed. Or they rush you so you don’t see the real price before you tap. How can you stay safe? Use a Shield: Keep your card in a special wallet that blocks signals (called RFID protection). Be Alert: Don’t use tap-to-pay in crowded places and keep your card close. Turn on Alerts: Make sure your bank sends you a message every tim...

Type: OS Command Injection vulnerability (CWE-78) Affected Product: Fortinet FortiWeb (Web Application Firewall) Affected Versions: 8.0.0 – 8.0.1 7.6.0 – 7.6.5 7.4.0 – 7.4.10 7.2.0 – 7.2.11 7.0.0 – 7.0.11 [nvd.nist.gov] , [cvedetails.com] Description The vulnerability is caused by improper neutralization of special elements used in OS commands . An authenticated attacker can exploit this flaw by sending crafted HTTP requests or CLI commands , allowing them to execute arbitrary code on the underlying system. This can compromise the integrity, confidentiality, and availability of the device. [nvd.nist.gov] , [cvedetails.com] Severity CVSS v3.1 Base Score: 7.2 (High) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Impact: High on Confidentiality, Integrity, and Availability [cvedetails.com] Exploitation Status Actively Exploited: Yes. Fortinet confirmed expl...