I was a guest on Sarah Westall’s web radio program, Business Game Changers. The YouTube video is below. It’s 53 minutes, so get a beverage, sit back and enjoy.
Continue Reading →
I read an interesting article in the New York Times earlier this month, about how the United States is using cyber-warfare tactics against North Korea to slow the development of an inter-continental ballistic missile that can reach the United States. The effective range maps were startling. (see below)
It seems that Trump has inherited a cyber war program from the Obama administration that was started 3 years ago and targeted the North Korean missile development program. Since that time, there ...Continue Reading →
Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia. The Russian government allows them to prosper as long as they do not attack anything in Russia. The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe. In Russia, these guys are considered to be just very successful business men. They have achieved ...Continue Reading →
US-CERT just released more information about the Grizzly Steppe cybercrime group who has been fingered for hacking the DNC and US voter registration databases. The short report, titled Enhanced Analysis of GRIZZLY STEPPE Activity, makes interesting reading, especially if you are interested in finding out more about state-sponsored political espionage. See pages 4-7 for the main story.
The Grizzly Steppe group is certainly ...Continue Reading →
I will start out by admitting that I hate Domain Privacy. But I just read a story in Naked Security on February 9th that is causing me to reevaluate my opinion. It turns out that the new White House press secretary, Sean Spicer, has a personal website at www.seanspicer.com. The website has been turned into a private site, but the WHOIS record ...Continue Reading →
On May 25 2018, new regulations will go into effect in the European Union called the General Data Protection Regulation (GDPR). If you are doing business in Europe, this will affect your business. If your website collects personal information and other data from European site visitors or customers, this will affect your business.
The Europeans take personal privacy, especially online privacy, much more ...Continue Reading →
The United States recently accused the Russian government of trying to influence US elections last November, and has expelled 35 Russian diplomatic officials and closed two Russian diplomatic facilities, one in New York City, and the other in Maryland, near Washington DC.
The Russians are denying any direct involvement, of course, and are laying the blame on Russian cyber-criminal groups. But we have discussed ...Continue Reading →
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
Cybersecurity professionals are in agreement. The Russians appear to have been actively engaged in influencing the outcome of our recent Presidential election. Specifics include compromising and taking over Hilary Clinton’s chief of staff, John Podesta’s personal Gmail account. This spear phishing exploit used a “near-miss” domain name of “accounts.googlemail.com” to trick John into clicking on a link and and entering his email credentials. The real domain name is accounts.google.com.
There was also a ...Continue Reading →
It was recently reported in Naked Security that a Seattle television news crew interviewed an Office Depot employee who alerted them to the practice of selling in-store repair scams to customers who came in looking for computer help. This whistle-blower told a story where employees where encouraged and even pressured to run the chain’s “PC Health Check” on evey computer ...Continue Reading →