Why Defense Doesn’t Work

Now that football season has started, there will be a lot of discussion about why great defenses don’t win football games.  Defense is not enough in the realm of cybersecurity, either.  I recently attended a webinar put on by The Open Web Application Security Project (OWASP) featuring Mike Benkovich (@mbenko) that discussed this concept as it applied to the DevSecOps (or SecDevOps) or the secure development of web applications.  It is not enough to write code that works, it also ...

Continue Reading →
0

Beware Pop-Up Security Alert Scam

I have been getting a lot of calls about this one, and I finally was able to get a screen print of the message.  When this happens to you – DO NOT CALL the provided number.  You will end up allowing them to connect remotely and then they will convince you to spend $300 to fix the problem.  You do not really have a problem, until you make the call.  To fix this, read to the bottom.

Continue Reading →

0

Linux Security

linux-logoIn our last post we may have introduced some of you to the idea of using Linux as a replacement for your Windows desktop or laptop.  Toward the end we touched on security, and this post will expand on that issue.

There is a fanatical cohort in the Linux realm that will tell you that Linux is secure by design and so security software is not necessary. And nobody is writing malware ...

Continue Reading →
0

Weakest Cybersecurity Link – It’s Your Staff

coworkersAll the expensive high-tech cybersecurity goodies cannot prevent someone in your employ from clicking a malicious link in an email and opening a gateway to further network exploitation.  That is the findings of ProofPoint in The Human Factor Report 2015.  The discouraging point for those of us who advocate employee training as an important part of an overall cybersecurity strategy is that in spite of training, people are still more likely ...

Continue Reading →
0

Cyber Attacker Using Fake “Updates”

updatesCyber criminals are using fake software “updates” to trick company employees into downloading Trojan horse malware to allow the attackers to gain access to the company network.

This is an especially nasty bit of trickery, as we advise our clients repeatedly to keep their software and operating systems updated to maintain the security and integrity of the software.

Once the malware is installed the cyber attackers are able to move around the company ...

Continue Reading →
0

Dyre Wolf Banking Malware Poses Threat To Your Bank Balance

Modern cyber criminals are using more sophisticated blended attacks to achieve some pretty spectacular monetary hauls.  The Dyre Wolf malware exploits is currently be combined with a spear-phishing approach, a telephone based social engineering middle, and a distributed denial of service (DDOS) attack on the back end to access corporate bank accounts and wire transfer large sums of money.  Originally uncovered by IBM’s security team in 2014, this exploit had netted on cyber-crime group over $1 million dollars.  The IBM ...

Continue Reading →
0

Ransomware Kidnapped Your Files – Should You Pay The Ransom?

CryptoLocker and CryptoWall are largely defunct now, but there are new strains of encryption malware at large on the Internet.  If you fall victim to any of the new ransomware exploits such as Teslacrypt or Ophionlocker, there is bad news, and there is OK news, and there may be good news.

The bad news is that once the encryption malware has finished encrypting all of your personal files in the Documents, Pictures, Music, and Video folders and other stuff in your User ...

Continue Reading →
0
Page 5 of 5 12345