Irainian Phishing Campaign Attempts to Bypass 2FA

A new phishing campaign by the Iranian state-sponsored group known as “Charming Kitten” is using new tactics to trick users out of their passwords and both SMS and app generated two-factor codes.  Charming Kitten is tied to the Islamic Revolutionary Guard.  This campaign has been ongoing since October 2018.  Information on this attack was released on December 18, 2018 by Certfa Lab.

Targets of these attacks are high-ranking individuals in the financial ...

Continue Reading →
0

Your Location is For Sale

I have written before about how our smartphones are ratting out our location, using GPS and even just cell tower location information.  The New York Times recently published a story that followed a woman throughout her day and discovered that her location was collected over 8000 in a single day.  From the location database they purchased from a location data broker, they were ...

Continue Reading →
0

Sunday Funnies – Swedish Girl Finds Really Old Sword in Lake

From the SmithsonianVideo on CNN

Back in July, eight-year-old Saga Vanecek was playing in a lake near her family’s summer home in Sweden. She reached into the water and pulled out what she thought was a stick—but quickly realized that it was something far more special.

“Daddy, I found a sword!” she cried, according to Catherine Edwards of the Local Sweden.

Saga’s family subsequently alerted the Jönköpings Läns Museum to the discovery, and experts there have ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Warn your friends they can’t bypass Facebook with this hoax

No, none of us can “bypass” Facebook’s newsfeed algorithms by copy-pasting our way past them.  I have friends and relatives that are trying to use this by it is fake.


Update now! Adobe Acrobat and Reader have critical flaws

Adobe has patched two critical flaws in ...

Continue Reading →
0

EMV Cards Not Preventing Card Data Theft

The implementation of EMV (Europay, Master Card, Visa) or “chip” cards have not reduced the instances of credit card theft in the US.  The reason:  WE ARE DOING IT WRONG!!  I have been writing about the late implementation of EVM for years, and complaining about the “chip and sign” method we are using in the United States, vs. the much more secure “chip and PIN” method used in Europe, where they ...

Continue Reading →
0

Chinese Attacks Against MSPs and IT Support Companies Puts Clients At Risk

US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs.  An MSP provides support principally by using remote monitoring, remote access, and remote control software products.  They install a monitoring tool called an “agent,” and a command and control device on the ...

Continue Reading →
0

Sunday Funnies – IBM Error

This image from Pinterest seemed familiar to me.  In technology we have similar sayings.  Terms such as PEBKAC (Problem Exists Between Keyboard And Chair), Identity Error or ID-10T/1D-10T error (idiot error), PICNIC (Problem In Chair, Not In Computer), IBM error (Idiot Behind Machine error) and other similar phrases are used as slang in technical circles with derogatory meaning.

0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Securing New Devices

12/28/2018 03:57 PM EST  Original release date: December 28, 2018

During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of ...

Continue Reading →
0

Top Cyber-Attack Vectors – Past, Present, and Future

Are you wondering what exploits represent the biggest threats in 2019?  It can be difficult and expensive to defend against everything.  If your company is budget-constrained, it may make more sense to defend against what is “likely” instead of everything that is “possible.”  Today we look at some of the biggest cyber-attack methods from the past, the present and the future.

Past

While these threats ...

Continue Reading →
0
Page 1 of 147 12345...»