Drones have become the must-have item for many people this year. Some of them are your neighbors, and they may be annoying you or intruding on your privacy. On the other hand, it may be a member of our military hunting a terrorist. Or, increasingly, it may be a terrorist using a drone to provide surveillance, or worse yet, deliver something deadly like a ...
When I am training a room full of computer users about how to detect a phishing email, one of the detection methods is using the “hover trick” on a link to reveal the actual web address and destination. Or, if you have already clicked through, to look at the URL or web address as it is displayed in the address box ...
It has been a couple of weeks since the Google Docs hoax spread across the Internet like wildfire. What have we learned about this exploit?
Originally this appeared to be a phishing campaign, but phishing emails are spoofed clever replicas. These emails were the genuine article, and were sent from Google mail servers, from the hijacked Google accounts of people you were likely to know. This made the exploit difficult to ...
Continue Reading →
The average number of days between a network intrusion and it’s detection by the victim is around 200 days, which is at least 199 days too long. Sooner or later your company will suffer an network intrusion, computer incident, or data breach, in spite of your best efforts to prevent it. The goal is to shorten the time between intrusion and detection.
A recently article on Tech ...
Continue Reading →
We have reported a few times about the tech support scammers who use cold-calling phone lists or browser pop-ups with 800 number “support” lines to trick people into paying $300 or more for “malware removal” and other services that the computer doesn’t need. And the pop-ups can be scary and convincing as in the example image.
Naked Security recently reported on the work ...
Continue Reading →
Happy World Password Day. I have been following the progress that NIST is making in formulating new standards for user authentication. Something I found surprising was that NIST is not recommending using biometrics as a form of authentication. The two main reasons are that biometrics, such as fingerprints, iris scans, and voice recognition, are not a secret. For instance, you leave your fingerprints behind everywhere you touch ...
Back in December we wrote about FBI Operation Hard Copy in order to warn our readers about telemarketing lottery scams and how they work. Recently, the FBI reported that one of the people arrested in that operation had plead guilty to one count of wire fraud.
According to the FBI:
Continue Reading →Ronald John Mendleski, 72, of Bokeelia, Florida, pleaded guilty to one count of wire fraud before U. S. Magistrate ...
I read an interesting article in the New York Times earlier this month, about how the United States is using cyber-warfare tactics against North Korea to slow the development of an inter-continental ballistic missile that can reach the United States. The effective range maps were startling. (see below)
It seems that Trump has inherited a cyber war program from the Obama administration that was started 3 years ago and targeted the North Korean missile development program. Since that time, there ...
Continue Reading →
What if there was a new phishing scam that had an open rate of 90%. That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.
These attacks begin with the scammer researching the target victim. These targets usually work at companies where there is a lot of air ...
Continue Reading →We have discussed the dangers to what NIST identifies as Critical Infrastructure that exists because SCADA and other industrial control systems are designed to be run on “air-gapped” networks that are not connected to the public Internet. Unfortunately, many of these systems are being connected to the Internet, if only in a tangential way.
The German security firm OpenSource Security recently found hard ...
Continue Reading →