Details on New Email Exploit – No Attachment Required

People often ask me if it is dangerous to simply open an email, if it is possible to get a malware inflection just by reading an email.  My answer has been a qualified “not at this time.”  Unfortunately, this is no longer true.  It is possible to get a malware installation from the new DDE (Dynamic Data Exchange) exploits reveal by Sophos Labs on October 13 2017.  This can be accomplished without an attachment or link if the email is ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


The Internet Wants You: Consider a Career in Cybersecurity

10/24/2017 07:32 AM EDT  Original release date: October 24, 2017

October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. The month’s themes educate students and professionals about cybersecurity attack methods, best practices, and preventive measures and ...

Continue Reading →
0

Scary Kaspersky Stories – Ghost in the Machine

Happy Halloween!  Nothing like a scary story to end the holiday.  The scary story in cybersecurity is that Kaspersky anti-malware and security products are in league with the Putin government and the FSB in Russia.  The FBI is advising government agencies to drop Kaspersky and find a new endpoint security solution.

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia and operated through a holding company in the United Kingdom. Kaspersky was founded by Eugene ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round Four

Over the last four posts, we have focused on the US-CERT alert, but cybersecurity firm Symantec has actually been working this case since 2011.  Their report on Dragonfly can be found on their website.  While they are cautous when providing attribution, reading between the lines indicates that Dragonfly is probably a Russian based group, possibly working on behalf ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round Three

Is the U.S. energy sector under attack? The ambitious and sophisticated exploits like this one are usually the work of a nation-state.  Who wants to turn off the lights?  Last Wednesday we took a look at the US-CERT alert warning about the ongoing cyber-attack against the U.S. electric grid, and on Friday we took a look at many of the tactics, ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round Two

Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this?  Russia?  North Korea?  Cybersecurity firm Symantec has attributed this attack to a group they have identified as the Dragonfly Group, who may have been responsible for the attack on the Ukrainian electric grid in 2015 and 2016.  ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round One

Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this?  Who has the capability?  Is it the Russians, who have already demonstrated this attack two years ago in the Ukraine?  Or the North Koreans, who have both motive and the cyber army to carry it off? Cybersecurity firm Symantec has attributed ...

Continue Reading →
0

MAIN STREET Cybersecurity Act to Protect Small Businesses

At the end of September, the Senate passed the MAIN STREET Cybersecurity Act for Small Business.  This is an effort to help small businesses deal with the technical aspects and costs associated with creating a cybersecurity program and protecting their digital assets from attack or compromise.  The Act instructs NIST to create a plan for small businesses that is based on the NIST Cybersecurity ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


70k minimum wage has been a profound success and failure – two years later

Tech company Gravity Payments instituted a $70 K minimum wage two years ago.  It has long been my personal contention that the drop in real starting wages (against inflation) coupled with crushing ...

Continue Reading →
0
Page 5 of 48 «...34567...»