Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia. The Russian government allows them to prosper as long as they do not attack anything in Russia. The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe. In Russia, these guys are considered to be just very successful business men. They have achieved ...
US-CERT just released more information about the Grizzly Steppe cybercrime group who has been fingered for hacking the DNC and US voter registration databases. The short report, titled Enhanced Analysis of GRIZZLY STEPPE Activity, makes interesting reading, especially if you are interested in finding out more about state-sponsored political espionage. See pages 4-7 for the main story.
The Grizzly Steppe group is certainly ...
Continue Reading →
I will start out by admitting that I hate Domain Privacy. But I just read a story in Naked Security on February 9th that is causing me to reevaluate my opinion. It turns out that the new White House press secretary, Sean Spicer, has a personal website at www.seanspicer.com. The website has been turned into a private site, but the WHOIS record ...
On May 25 2018, new regulations will go into effect in the European Union called the General Data Protection Regulation (GDPR). If you are doing business in Europe, this will affect your business. If your website collects personal information and other data from European site visitors or customers, this will affect your business.
The Europeans take personal privacy, especially online privacy, much more ...
Continue Reading →
The United States recently accused the Russian government of trying to influence US elections last November, and has expelled 35 Russian diplomatic officials and closed two Russian diplomatic facilities, one in New York City, and the other in Maryland, near Washington DC.
The Russians are denying any direct involvement, of course, and are laying the blame on Russian cyber-criminal groups. But we have discussed ...
Continue Reading →
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
Cybersecurity professionals are in agreement. The Russians appear to have been actively engaged in influencing the outcome of our recent Presidential election. Specifics include compromising and taking over Hilary Clinton’s chief of staff, John Podesta’s personal Gmail account. This spear phishing exploit used a “near-miss” domain name of “accounts.googlemail.com” to trick John into clicking on a link and and entering his email credentials. The real domain name is accounts.google.com.
There was also a ...
Continue Reading →
It was recently reported in Naked Security that a Seattle television news crew interviewed an Office Depot employee who alerted them to the practice of selling in-store repair scams to customers who came in looking for computer help. This whistle-blower told a story where employees where encouraged and even pressured to run the chain’s “PC Health Check” on evey computer ...
I was tempted to post this article late in October, when Brian Krebs suffered with the DDoS attack on his website, or when the Mirai botnet attack on DynDNS was in full swing, but decided to wait it out until after the election, in case it turns out that the Dyn attack was a precursor to an attack to disrupt the elections. And as of today, it appears that it was not.
Up ...
Continue Reading →
I don’t like to get political in this web log, but since the mainstream parties have given us what is possibly the worst two choices in Presidential candidates since the Revolution, may I suggest voting Libertarian? You can check out their platform from the link.