If Only We Could Block Traffic From the Dark Web…

penetration_testTry to imagine how much bad stuff we could keep off our computers and networks if we could figure out a way to filter incoming traffic from the Dark Web.  Well maybe we can.

First, my apology in advance to my non-technical followers, this article may be a bit high level for the average user.

A post in Spiceworks from “Born2Frag”  goes ...

Continue Reading →
0

Phishing and Spearphishing – Don’t Take The Bait!

Phishing HookHere’s a provocative statement:  If you could just prevent your staff for clicking on links or opening attachments in phishing emails, 95% of your cybersecurity problems would be prevented.

As perimeter defenses and anti-malware software products have become more effective, cyber-attackers have turned to the phishing email approach as their number one favorite method for acquiring user names and passwords or gaining unauthorized access to computers on your network.   The spearphishing ...

Continue Reading →
0

Malwarebytes Tackles Cryptoware

th-paypage-quick-480This is hot off the press.  Yesterday Malwarebytes announced a beta of a new anti-crypto software product designed to stop CryptoWall4, CryptoLocker, Tesla, and CTB-Locker.  You can download the beta here.

According to Malwarebytes:

“Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough ...

Continue Reading →
0

Junkin’ Jack Flash

flash-logoAdobe’s Flash program has been a security nightmare. A favorite among malware writers for ages, Flash is useful for doing things like creating fake security pop-up alerts and conning computer users into buying security programs that don’t work and carry malicious content.  And it seems that there is another “zero-day” vulnerability discovered every three days.

Do we really need Flash?  No we don’t.  iPhones and iPads ...

Continue Reading →
0

Word and Excel Macro Viruses Are Back

macro-virusUsing BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products.  Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.

The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that $80 million in damages to US ...

Continue Reading →
0

Scary Disguises Hide Malware Too

goblinIt’s Halloween tomorrow, the traditional time when we dress up in scary or not-so scary costumes to disguise our identity and trick our friends and family.  It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack.  What follows are my scary Halloween stories.

  • Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by email, ...
Continue Reading →
0

AppGuard – Computer Security That Works

AppGuardI am often asked by frustrated clients “Why doesn’t traditional anti-virus and Internet security software products work?”  The unfortunate answer I have to give them is “It’s your fault.”  The more diplomatic answer I really use is that the security software cannot prevent something that is explicitly allowed by the computer user.  And the computer user is easily tricked into opening a file ...

Continue Reading →
0

Why Defense Doesn’t Work

Now that football season has started, there will be a lot of discussion about why great defenses don’t win football games.  Defense is not enough in the realm of cybersecurity, either.  I recently attended a webinar put on by The Open Web Application Security Project (OWASP) featuring Mike Benkovich (@mbenko) that discussed this concept as it applied to the DevSecOps (or SecDevOps) or the secure development of web applications.  It is not enough to write code that works, it also ...

Continue Reading →
0

Beware Pop-Up Security Alert Scam

I have been getting a lot of calls about this one, and I finally was able to get a screen print of the message.  When this happens to you – DO NOT CALL the provided number.  You will end up allowing them to connect remotely and then they will convince you to spend $300 to fix the problem.  You do not really have a problem, until you make the call.  To fix this, read to the bottom.

Continue Reading →

0

Linux Security

linux-logoIn our last post we may have introduced some of you to the idea of using Linux as a replacement for your Windows desktop or laptop.  Toward the end we touched on security, and this post will expand on that issue.

There is a fanatical cohort in the Linux realm that will tell you that Linux is secure by design and so security software is not necessary. And nobody is writing malware ...

Continue Reading →
0
Page 5 of 6 «...23456