What To Do When Your Personal Information Is Breached

penetration_test_436x270We recently learned that credit report service Experian had a breach of T-Mobile customer information.  This is just another addition to the pile of Personally Identifying Information (PII) that has been exfiltrated from sundry organizations including the Office of Personnel Management, various BlueCross BlueShield organizations, and Harvard University.

So what to do when this happens to you?  When you are notified by the offending ...

Continue Reading →
0

Word and Excel Macro Viruses Are Back

macro-virusUsing BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products.  Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.

The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that $80 million in damages to US ...

Continue Reading →
0

000Webhost Loses Plaintext Passwords

000WebHost

This comes under the heading of “know who you are doing business with.”  Web hosting company 000webhost.com was breached this week and over 13 million customer records were stolen and posted for sale on the Internet.  The data includes customer names, emails and passwords in plaintext  (meaning the passwords were unencrypted).  Storing passwords in an unencrypted form should be a criminal act in itself, ...

Continue Reading →
0

Scary Disguises Hide Malware Too

goblinIt’s Halloween tomorrow, the traditional time when we dress up in scary or not-so scary costumes to disguise our identity and trick our friends and family.  It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack.  What follows are my scary Halloween stories.

  • Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by email, ...
Continue Reading →
0

Really Secure Email

ProtonMailOK, so Monday I lampooned the Director of the CIA for using AOL email to transmit top secret CIA files (yikes).  And of course we all remember the Hillary Rodham Clinton kerfuffle over her use of her own private email service to transmit State Department documents (better).  One has to assume that this pretty flagrant violation of what has to be well known government policies by people who probably know better has ...

Continue Reading →
0

Top Cybersecurity Threats in 2015

penetration_test_436x270The cybersecurity threat surface is constantly changing.  Below are listed the top areas of concern among cybersecurity experts.  Some are new, and some have been around seemingly forever.

New Threats

  • Emerging technologies and the Internet of Things (IoT).  It seems that all of our new toys are Internet enabled in some way, and many of these devices present a new attack surface for cyber-criminals.  The ...
Continue Reading →
0

Please Stop Falling For Tech Support Scams

STOP THE MADNESS!!  It drives me crazy when a client calls me AFTER spending an hour on the phone with some tech support scammer, and then thinks to call me after they have a problem “fixed” that they never had in the first place.

One of my clients recently fell for an interesting variation of the Tech Support Scam.  She did a Google search to find the HP technical support number, but the company she called, while at the top of ...

Continue Reading →
0
Page 33 of 41 «...1020303132333435...»