Chicago IT Support & Cyber Security | Forward Technologies

Chicago-based Forward Technologies delivers IT support and cyber security to businesses in the Chicago area and nationwide.

  • Home
  • Services
    • Outsourced IT Support
    • DMARC Email Security
    • Development
      • Web Development & Facelifts
      • CustomView: Plugin for WordPress
    • Data Recovery Service
    • PPC Marketing Services
    • SEO Services
  • Email Security
    • SPF Basics
    • DKIM Basics
    • DMARC Basics
    • Email Security Consulting
  • Data Recovery Service
  • Blog
  • Contact Us

Android Exploit Can Steal 2FA Codes Without Permissions

October 16, 2025 by Edward Silha

Cartoon-style illustration of an Android smartphone glowing in green and blue tones, with pixel fragments peeling off the screen to reveal a two-factor authentication code, symbolizing the Pixnapping attack stealing visual data.A new attack called Pixnapping can steal sensitive data from Android devices, without needing a single permission. The exploit targets visual data on-screen, including two-factor authentication codes, private messages, and location histories. It works by quietly measuring how long it takes to render specific pixels. If that sounds like science fiction, it’s not. Researchers have already tested it on Pixel and Samsung devices with unsettling results. [Read more…]

Filed Under: Blog, Cybersecurity Tagged With: 2fa, 2FA code theft, alan linghao wang, Android, android security, CVE-2025-48561, cybersecurity, cybersecurity research, galaxy s25, google authenticator, google security patch, gpu.zip, malware, mobile hacking, pixel 6, pixel 7, pixel 8, pixel 9, Pixel devices, pixnapping, ricardo paccagnella, smartphone vulnerabilities, timing attack

Windows 10 Is Dead. Long Live Windows 10!

October 14, 2025 by Edward Silha

A cartoon-style illustration showing an old desktop PC holding a shield labeled "Windows 10" while standing defiantly. Around it, sleek new laptops and tablets wave flags with the Windows 11 logo. The background hints at a battlefield, symbolizing the ongoing fight for relevance and support in the Windows ecosystem.After nearly a decade, Microsoft is finally closing the book on Windows 10. As of today, free support and regular security patches have officially ended. But despite the headlines, your computer is not about to implode. If you plan wisely, or even just use decent security software, you can keep running Windows 10 safely for a quite a bit longer. [Read more…]

Filed Under: Blog, Cybersecurity, Tech In General Tagged With: cybersecurity, ESU program, extended security updates, Microsoft, operating systems, PC upgrades, Windows 10, Windows 11

12 Rogue Certificates for Cloudflare’s DNS Raise Global Security Alarm

September 6, 2025 by Edward Silha

Cartoon-style illustration of a giant padlock labeled “1.1.1.1 DNS” with broken certificate chains, symbolizing compromised trustOn Wednesday, researchers uncovered three improperly issued TLS certificates for Cloudflare’s 1.1.1.1 DNS service, encrypted DNS lookup used by millions. The concern was clear: anyone with those credentials could impersonate Cloudflare’s resolver, decrypt user traffic, or redirect queries to malicious sites.

Further investigation revealed the breach was worse than initially thought. Cloudflare confirmed that Fina CA—a Microsoft‑trusted certificate authority, had in fact issued a total of twelve unauthorized certificates for 1.1.1.1 since February 2024. [Read more…]

Filed Under: Blog, Cybersecurity, Tech In General Tagged With: 1.1.1.1, CA accountability, certificate authority, certificate mis-issuance, Certificate Transparency, Cloudflare, DNS over HTTPS, DNS over TLS, DNS security, encryption, Fina CA, internet trust, Microsoft root store, Microsoft trust, PKI, TLS certificates, TLS mis-issuance, web security

Malicious CAPTCHA Redirects Turn WordPress Sites into Malware Launchpads

August 28, 2025 by Edward Silha

A sinister campaign known as ShadowCaptcha is using over 100 compromised WordPress sites as unwitting hosts, redirecting visitors to fake CAPTCHA pages. These deceptive pages trigger malware delivery ranging from credential stealers to ransomware and cryptocurrency miners.

Researchers from Israel’s National Digital Agency revealed that ShadowCaptcha merges social engineering with living-off-the-land tactics. Attackers aim to steal credentials, exfiltrate browser information, deploy cryptomining software, or trigger ransomware—depending on the route the victim takes. [Read more…]

Filed Under: Blog, Cybersecurity, WebDev Tagged With: browser exploit, ClickFix attack, compromised WordPress plugins, crypto miners, cybersecurity, cybersecurity news, fake CAPTCHA, Help TDS, HTA payload, info stealers, infostealer, JavaScript injection, malware campaigns, mshta.exe, phishing redirect, ransomware, ShadowCaptcha, web application firewall, WinRing0x64.sys, WooCommerce plugin threat, WooCommerce_inputs, WordPress security, XMRig

Federal Court Cyberattacks Are a National Security Crisis, Wyden Warns

August 25, 2025 by Edward Silha

Cartoon-style illustration of a courthouse with digital security lock overlay, representing federal court cybersecurity risks.Cyberattacks on U.S. federal courts are no longer just IT problems. They now pose a national security threat.

That is Senator Ron Wyden’s warning in a blunt letter to Chief Justice John Roberts this week, urging the Supreme Court to address repeated breaches of the judiciary’s document filing and email systems. Wyden called the hacks “unacceptable” and said weak practices have left the courts “an inviting target” for foreign adversaries. [Read more…]

Filed Under: Blog, Cybersecurity Tagged With: AI governance, AI risk management, APT29, CM/ECF, court breach, cybersecurity, data security, digital defenses, federal court cybersecurity, federal judiciary, hacking, identity-first security, multi‑factor authentication, national security, outdated IT infrastructure, oversight, PACER, PACER hack, post-quantum cryptography, quantum threats, Russian hackers, Senator Ron Wyden, sen‑ron‑wyden, shadow AI, supreme court, U.S. judiciary, zero trust, zero trust security

  • 1
  • 2
  • 3
  • 4
  • Next Page »

Social Media

  • Facebook
  • GitHub
  • LinkedIn
  • Periscope
  • Twitter

Forward Technologies
747 N LaSalle
STE 500B
Chicago, IL 60654
(312) 715-7806

Copyright © 2025 — Forward Technologies • All rights reserved. • Privacy Policy •