Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Robots Can Crack Safes

Robots can crack safes faster than humans — and differently. We’re going to have to start thinking about robot adversaries as we design our security systems.  From Wired via Schneier.

https://www.wired.com/story/watch-robot-crack-safe/


[WordPress Security] Ransomware Targeting WordPress – An Emerging Threat

Over the past month, the Wordfence team has been tracking a ...

Continue Reading →
0

Twitter’s #Hashtag Turns 10

I remember it as the “number sign” or the “pound sign.”  Jeopardy contestants might know it is called an “octothorpe.”  The symbol itself goes back to Roman times, and was used extensively in the telephone industry, appearing on touch tone phone keypads as a way to allow special dialing features.

First suggested by Twitter marketing guru Chris Messina as a way to group, organize, and follow an idea in the Twitter stream, it quickly became a social media staple used not ...

Continue Reading →
0

SANS: Phishing Exploits Are The Top Threat

The SANS institute released the results of  a new survey recently, and found that cybersecurity professionals ranked phishing as the number one exploit this year.  Phishing awareness training programs were seen by many as the best defense against phishing, spearphishing and whaling exploits.  Something that was new this year was the reporting of so-called “malware-less” exploits that use “the built-in features of the operating system to turn it against itself without ...

Continue Reading →
0

How Web Addresses Are Spoofed

One of the tactics that I am seeing more often is the clever use of web address spoofing in the web sites and landing pages used in phishing emails.  This sort of spoofing has been used successfully even against people who have been training to detect phishing emails, and to check link destinations (using the hover trick) and double check web addresses in the browser address bar.

Here are some techniques ...

Continue Reading →
1

How Hard Is It To Become A Cyber-Criminal?

According to a recent article on Naked Security, not at all hard.  While at Black Hat in Las Vegas, researchers from Sophos gave a presentation that dissected the “Philadelphia” ransom software as a service (SaaS) model.

Anyone can buy the Philadelphia ransomware kit on the Dark Web for $400.  And for this nominal investment, the would-be attacker gets a simple executable file that sets up the whole system ...

Continue Reading →
0

Email Account Hijacking – Part 4 Prevention and Dectection

Last week we went deep on the subject of just how bad losing control of your email account can be.  Today we are wrapping up the four-part series with solutions to help you prevent email account compromise from happening, how to detect if it has already happened to you, and how to recover if that is the case.

Prevention is the best solution.  Your email account is one of the crown ...

Continue Reading →
0

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more ...

Continue Reading →
0
Page 34 of 61 «...1020303233343536...»