Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


The Computer Programmer Who Ran a Global Drug Trafficking Empire

A new book uncovers the intricacies of Paul Le Roux’s cartel and how it fueled the opioid epidemic ravaging the U.S. today.  This facinating story is covered in detail on the Smithsonian website.  Or read Evan Ratliff’s new book The Mastermind.  I did, and the ...

Continue Reading →
0

Global Cyber Threats to the United States

In our last post we singled out North Korea as a key source of cyber-war action against the United States and other countries.  But they are not the only countries that the US is actively engaged with in cyber-space.  On January 29, 2019, Daniel Coats, Director of National Intelligence, released a report to the Senate, titled Worldwide Threat Assessment of ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


OUCH! Ransomware Attack Via MSP Locks Customers Out of Systems

If your computer technical support is provided by an outside vendor, you need to know this.  We have warned about this problem before.

Earlier this week, an unidentified threat actor managed to launch a ransomware attack resulting in the encryption of between 1,500 to 2,000 endpoint ...

Continue Reading →
0

Recovering From A Cybersecurity Incident

Ever feel like there should be a 12-step program for your cybersecurity career?  “Hello, I’m Bob and I’m a recovering cybersecurity professional.”  Doing the same old “defense in depth” stuff and still the barbarians get onto your network and wreak havoc.  Remember the definition of insanity?  “Doing the same thing and expecting different results.”  As with any 12-step program, the first step would ...

Continue Reading →
0

Chinese Attacks Against MSPs and IT Support Companies Puts Clients At Risk

US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs.  An MSP provides support principally by using remote monitoring, remote access, and remote control software products.  They install a monitoring tool called an “agent,” and a command and control device on the ...

Continue Reading →
1

A Timeline of Russian Cyber-Exploits

We have been investigating Russian cyber-attacks this week.  Today we publish a timeline of Russian cyber-activities.  In the interest of space, I am publishing just the timeline with little descriptive content.  I have included a download link to a PDF and spreadsheet of the timeline with more detail, and links to sources.

Notice how these cyber attacks started out in 2004 as small, unsophisticated ...

Continue Reading →
1

Russian Active Measures for the Internet Age.

Is Donald Trump Putin’s Revenge?

Was the election of Donald Trump the result of the successful application of “active measures” by Russia? Did the massive Facebook and Twitter campaigns by the Russians change public opinion enough in the final days of the Presidential campaign to move the needle and help Trump win?

According to Retired KGB Maj. Gen. Oleg Kalugin, former Director of Foreign Intelligence ...

Continue Reading →
1

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Bomb Threats Emailed Around the World

12/13/2018 06:59 PM EST  Original release date: December 13, 2018

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin ...

Continue Reading →
0

Autonomous Vehicles Will Decide Who Gets Killed

In a not too distant future, you may be riding in an autonomous vehicle that is forced to decide between running over a pedestrian or a bicyclist.  Or whether to crash into a tree or another automobile.  It may make a decision you are not particularly happy with.  These decisions will rely on “artificial intelligence” built into these cars.  These decisions are being programmed right now by developers of autonomous vehicles.  ...

Continue Reading →
0
Page 1 of 11 12345...»