Business Email Compromise Report from FBI

image_thumbI very rarely will publish a news item or statistics, because we focus on discussing vulnerabilities, exploits, and countermeasures and leave the cyber news to others.  This report is important enough I had to share it.

On June 14th the Internet Crime Complaint Center of the FBI reported loss numbers for businesses that succumbed to the “Business Email Compromise” scam.  This scam works when an attacker is able to get the ...

Continue Reading →
0

Your Smartphone and Tablet Need Security Too

phone-thiefMobile smart devices have all the capabilities of a laptop or computer.  What this means from a cybersecurity perspective is that they are every bit as vulnerable as a laptop or desktop computer.  The fact that they are small makes them easy for a thief to slip in a pocket or backpack and carry away, along with your personal information, contacts, pictures, geo-location history, and a raft of critical and revealing information.

In ...

Continue Reading →
0

Was Your Email Password Stolen?

Email_thumb2One of the very worst breaches that can happen to you is for an attacker to be able to access your email account.  If someone else can access your email, and read the messages you send and receive, and access your contact list and calendar, then they can learn many personal details about you that would make it easier to steal your identity, access other web accounts using the password reset process, ...

Continue Reading →
0

Best Data Security – Throw It Out!

databaseI read a couple of thought provoking articles recently on the subject of data security, and more directly, on how data destruction can serve to permanently “secure” the data that is destroyed.  One article appeared in the Wordfence security blog, and the other article from security and encryption guru Bruce Schneier on CNN.com.

The Wordfence article was looking at improving WordPress website security by removing unused items and information, things ...

Continue Reading →
0

IRS Strikes Again – IP PIN Epic Fail

irs-logoWe wrote last year about how the IRS and their Get Transcript service was instrumental in helping identity thieves file fraudulent tax returns for big refunds.  The problem was that the IRS used static user identity information that was available elsewhere online.  They promised to fix this security problem, but have not.  This year, many users of the IP PIN  system that was supposed to harden security ...

Continue Reading →
0

Phishing and Spearphishing – Don’t Take The Bait!

Phishing HookHere’s a provocative statement:  If you could just prevent your staff for clicking on links or opening attachments in phishing emails, 95% of your cybersecurity problems would be prevented.

As perimeter defenses and anti-malware software products have become more effective, cyber-attackers have turned to the phishing email approach as their number one favorite method for acquiring user names and passwords or gaining unauthorized access to computers on your network.   The spearphishing ...

Continue Reading →
0

What Is Social Engineering?

social-engineeringThis should really be called “anti-social” engineering.  A good definition is “social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.”

My article on Wednesday will give an example of phone based social engineering – the fake tech support call. ...

Continue Reading →
0

Password Tips for 2016

password1Passwords – Is mine strong enough?  How do I know?  Every time I write a password article I feel as if this subject has already been done to death by me and others.  But I always get more positive feedback on this subject than others I consider more interesting, so we offer the following suggestions:

  • Use different passwords for personal and work systems.  That way ...
Continue Reading →
0

Tips From FBI To Lower Your Online Profile

ic3I am getting posts from the FBI and the Internet Crime Complaint Center (IC3), and received this interesting warning on November 18th of last year.  This warning was sent to law enforcement and public officials, but if you have come to the point in your life were you are feeling a bit overexposed on the Internet, these tips can help you too.

For some of us, a few of these suggestions are ...

Continue Reading →
0

Lower Your Online Profile

anonymous-avatarHappy New Year!  This week we are going to investigate ways that we can recover some of our personal privacy and enhance the our security our online lives.

Let’s face it, many of us have been running amok on the Internet, busily sharing all sorts of personal information on Facebook, Twitter, LinkedIn, Pinterest, Snapchat, and who knows where else.  Every time we buy something online, ...

Continue Reading →
0
Page 4 of 6 «...23456