Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Potential Hurricane Florence Phishing Scams

09/14/2018 02:19 PM EDT

NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a subject line, attachments, ...

Continue Reading →
0

Botnet Targets Banks With Phishing Emails

Cyber-criminals are using a botnet to send phishing emails with the apparent purpose to test a new email attachment type.  Over the course of three weeks starting August 10th, this cyber-gang released seven different types of phishing emails to over 3,000 banks around the world.  They appear to be testing which of these several approaches is most successful at tricking recipients into opening the email attachment.

The attachment itself is also something different – Microsoft Excel Web Query files that use ...

Continue Reading →
0

Two Easy Ways To Breach Company Networks

Bad news – your small business network is easy for an attacker to access, and for most of you there are two or more exploitable attacker vectors.  A recent report from Positive Technologies analyzed the results of 22 penetration tests on companies from finance, transportation, retail, and even information technology.  All of the companies were breached with little difficulty.  The two easiest methods of unauthorized network access were not terribly surprising:  Wi-Fi networks, and company employees.

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Extortion Phish: Your Password is XXXX

One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin.  This seems to be getting a lot of traction, so beware.  Do not pay the extortion demand. First, this is a scam.  They got ...

Continue Reading →
0

Phishing on Facebook – Angler Phishing

Cyber-criminals are masquerading as customer service sites on Facebook, luring disgruntled customers to their Facebook page in order to trick them into divulging their user name, password, and other personal information.  This is called “angler phishing.”

The way this usually works is this.  Let’s say you have a bad experience with your bank.  Then you write and post a negative comment on Facebook or Twitter about bad service you received at your bank, for example.  A cyber-crime crew will be searching ...

Continue Reading →
0

How I Got Your Password – Part 2

Did you know that the easiest way for me to get your password is just to ask for it? This is one way that cyber-criminals can get one of your passwords. In  our last post we focused on password cracking.  Today we will look at all the other ways that an clever attacker can compromise your password.

  • Social Engineering – Sometimes the easiest way to get password information is just to ask for it.  Social engineering is a type of con ...
Continue Reading →
0

How I Got Your Password – Part 1

In our last post we looked at the frighteningly short amount of time that it takes to crack a typical password.  Today we will look at all the different password cracking methods that a clever attacker can use to compromise your password, and how to defend against these attacks.

Password cracking

There are several types of automated password attacks that can be combined to make the process quicker, or to configure for a certain type of password attack.

  • Dictionary attack – This is ...
Continue Reading →
0

The FBI Releases the IC3 2017 Internet Crime Report

On May 7, the FBI announced the release of the 2017 edition of the Internet Crime Report, published by the Internet Crime Complaint Center (IC3).   This 29 page report outlines what cyber-crimes are most popular and most profitable for the perpetrators.  Don’t miss the extensive list of cyber-crimes and definitions in Appendix A.  Seriously, I found them kind of interesting.  Anyway, these crimes led to $1.42 billion in losses last ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


WordPress turns 15 on Sunday May 27

WordPress will be 15 years old this May 27th, 2018!  On Sunday, May 27th, we’re planning a global event celebrating the WordPress 15th Anniversary with WordPress community groups around the world.


Alexa, Siri and Google can be tricked by commands you can’t hear

Researchers have shown how attackers could trick ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


FBI Releases IC3 2017 Internet Crime Report

05/07/2018 08:30 PM EDT  Original release date: May 07, 2018

FBI has released the Internet Crime Complaint Center (IC3) 2017 Internet Crime Report, which highlights scams trending online. The top three crime types reported by victims in 2017 were non-payment/non-delivery, personal data breach, and ...

Continue Reading →
0
Page 1 of 8 12345...»