Retailing Hall of Shame – Office Depot Tech Support Scam

office-depotIt was recently reported in Naked Security that a Seattle television news crew interviewed an Office Depot employee who alerted them to the practice of selling in-store repair scams to customers who came in looking for computer help.  This whistle-blower told a story where employees where encouraged and even pressured to run the chain’s “PC Health Check” on evey computer ...

Continue Reading →
0

Cybersecurity Top 10

cybersecurity_436x270As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short.  This was the year, you promised yourself, that we get a handle on computer and network security.

Well it is not too late to get a start, and here is a short ...

Continue Reading →
0

Fixing Your Infected IoT Devices

mirai-botnetThe Mirai and Bashlight botnets have caused quite a stir in the cybersecurity and IT realms.  The easy ability to round up and deploy millions of devices in a botnet using automated tools has raised the bar.  How we respond to DDoS attacks will have to change.

Nevertheless, you can remove your IoT devices from the bot-net and keep them from being reacquired.  Here are some easy solutions:

First, as clever as these exploits ...

Continue Reading →
0

Call Center in India Busted for IRS Collection Fraud

irs-logoNaked Security recently reported on the raid on a call center outside of Mumbai India that was engaged in defrauding US taxpayers of over $15 million dollars by pretending to be IRS collection agents.  70 people were arrested and over 600 call center operators remain under investigation.  While this is good news, this scam was very successful and is likely to pop up again.  We are reporting on it here ...

Continue Reading →
0

Sunday Funnies – Vote Early, Vote Often

Tuesday we get to vote for president again.  Worried about the security of electronic voting machines?  You are not alone, but you would not find any political or election officials in your group.  They think everything is fine!  The fact that your next president may be elected by the Russian Cyber Army is OK, I guess.  So that means Trump.

Here’s a little humor to make the nightmare seems more acceptable.

voting_machines Continue Reading →

0

Notes from the Cyber Security Summit 2016

cyber-security-summit-2016A couple of weeks ago I attended the Minneapolis Cyber Security Summit 2016 at the J.W. Marriot Hotel in Bloomington Minnesota.  There were two days of presentations on cybersecurity issues, and here are a few of the takeaways for small and medium sized business owners.

  • There are 28 million small businesses in the United States.  The Small Business Administration classifies a business with fewer than 500 employees as a small business.
  • Small businesses account ...
Continue Reading →
0

Cybersecurity and the Elections

election-hackedIn the last several days, we have seen big distributed denial of service (DDoS) attacks against DynDNS, an Internet services company that provides domain name services (DNS) to many companies including Twitter and PayPal.  DNS is how web sites are found on the web, you enter a web address in your browser, and DNS finds the website you are looking for.  When attacked in this ...

Continue Reading →
0

NIST Offers Cybersecurity Assessment Tool

NISTNIST has created a self assessment tool for companies and organization who are working through the NIST Cyber Security Framework (NIST-CSF).  This tool is called the Baldridge Cybersecurity Excellence Bulder and is designed to help companies implement the principles of the CSF.

According to NIST, organizations can use the Baldrige Cybersecurity Excellence Builder to:

  • Identify cybersecurity-related activities that are critical to business strategy ...
Continue Reading →
0

What Should You Do If Your Info Is Breached?

US-CERTUS-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident.  There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert.  There are many links on both the CERT and the FTC websites to resources. ...

Continue Reading →
0

The Circle

the-circleI recently read Dave Eggers book The Circle at the recommendation of a friend in the cybersecurity profession.  While I don’t do book reviews in this blog very often, I thought I would throw in my two cents about this book.

I was recommended this book during a cybersecurity training class. I do want to say that this book looks unblinkingly at some ...

Continue Reading →
0
Page 3 of 5 12345