Additional Notes from the Cyber Security Summit

cyber-security-summit-2016On Monday we looked at the some of the primary attack vectors used by cyber-criminals.  Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit.  Many of these are significant twists on old exploits, or more sophisticated exploits.

  • Attacks using legitimate services.
    • Social networks – make friends or connections, gather information.
    • Cloud storage services to host malware downloads.  Link looks legitimate, its from Google Docs or DropBox.
    • Comment ...
Continue Reading →
0

Zero Days – Documentary About Cyber War

zero-daysWe have written about Stuxnet a couple of times.  (Here and here)  My fascination with this incredible piece of malware writing is that it represents the first documented case of cyber war between nation-states.  As we now know, Iran, specifically the nuclear facility at Natanz, was attacked by the United States, and our ally Israel.  I recently watched a documentary ...

Continue Reading →
0

Using Windows Defender Offline

Windows10We have been recommending Windows Defender as an acceptable anti-malware program.  What we like about it is that it comes baked into the Windows 10 operating system, and gets its malware definitions updates with the other Windows security and feature updates that users are already receiving.   And it is free.  Plus it keeps your system a little less cluttered than adding a third party anti-malware product.

Sure, it is not top of ...

Continue Reading →
0

Recovering from Ransomware

teslacryptYou have trained your staff and improved your defenses.  In spite of your best efforts, you have an active case of crypto-malware running on a system in your business.  How do you recover?

Here are the steps to recovery:

  • Disconnect the affected system from the network by removing the Ethernet network cable connection or turning off the Wi-Fi connection.
  • Determine if the encryption process has completed.
    • If so, leave the system running, but disconnected from the network. ...
Continue Reading →
0

Detect and Defend Against Ransomware

maktub-lockerEncryption ransomware can be a devastating event if it happens to your or your company.  The three solutions are basically pay the money, restore from backup, or accept your losses and move on.  All are expensive, and some can be severe enough to drive a business out-of-business.Monday we gave you several ways to prevent, or at least prepare a response to a crypto-ransomware exploit.  Today we are going to look at early ...

Continue Reading →
0

Don’t Take The Bait!

baitHaving just discussed phishing on Monday, it makes sense to cover the social engineering practice called “baiting” today.  Typically, this involves an attacker leaving removable media such as a USB flash drive or SD Media card lying around in a public location. The exploit depends entirely on the principle of “finders-keepers.”  People pick these drives up, and plug them into the first computer they ...

Continue Reading →
0

US-CERT Warns Against Phishing and Social Engineering Exploits

US-CERTWe continue to hear from security researchers and professionals that an astonishing 95% of all exploits begin with someone opening an attachment or clicking a link on a phishing email.  I have a client where two different employees opened the attachment on an email from “FedEx” and became infected with crypto-malware.  These incidents happened nearly a week apart, and you think that the second ...

Continue Reading →
0

Fake Tech Support Claims To Be From Your ISP

We have all received a fake tech support call from someone claiming to be a Microsoft employee.  Now there is a new twist on the scam involving a fake screen pop-up and tech support fakers who claim to be from your Internet service provider.  Google has an extensive collection of fake tech support pop-ups, these are all fake.  Take a look.

We have reported on this issue several times in this blog.  Like here and here and ...

Continue Reading →
0

Mac Users Targeted By Cyber-Attackers

applelogoThe Apple OSX platform has long held the cache of being invulnerable to attack.  Cyber-criminals have be crafting more exploits to target Macs, iPhones, and iPads, especially since 2012.  The reason for this, as explored in a recent article on SiliconBeat, is that Apple users tend to have more disposable income.  If you willingly pay more to have “the best” or most ...

Continue Reading →
0
Page 3 of 6 12345...»