If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.
Not everyone can hire a cyber security expert. Globally, 70% of employers plan to increase the size of their cybersecurity staff this year. Not only is there ...Continue Reading →
People often ask me if it is dangerous to simply open an email, if it is possible to get a malware inflection just by reading an email. My answer has been a qualified “not at this time.” Unfortunately, this is no longer true. It is possible to get a malware installation from the new DDE (Dynamic Data Exchange) exploits reveal by Sophos Labs on October 13 2017. This can be accomplished without an attachment or link if the email is ...Continue Reading →
Over the last four posts, we have focused on the US-CERT alert, but cybersecurity firm Symantec has actually been working this case since 2011. Their report on Dragonfly can be found on their website. While they are cautous when providing attribution, reading between the lines indicates that Dragonfly is probably a Russian based group, possibly working on behalf ...Continue Reading →
Is the U.S. energy sector under attack? The ambitious and sophisticated exploits like this one are usually the work of a nation-state. Who wants to turn off the lights? Last Wednesday we took a look at the US-CERT alert warning about the ongoing cyber-attack against the U.S. electric grid, and on Friday we took a look at many of the tactics, ...Continue Reading →
Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this? Russia? North Korea? Cybersecurity firm Symantec has attributed this attack to a group they have identified as the Dragonfly Group, who may have been responsible for the attack on the Ukrainian electric grid in 2015 and 2016. ...Continue Reading →
Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this? Who has the capability? Is it the Russians, who have already demonstrated this attack two years ago in the Ukraine? Or the North Koreans, who have both motive and the cyber army to carry it off? Cybersecurity firm Symantec has attributed ...Continue Reading →
Email account hijacking is a serious, growing problem. It has become the number one way that cyber-criminals make money. What makes it so insidious is the ease with which the hijacker can impersonate the owner of the email account.Continue Reading →
There is a new twist on an old tax scam appearing in email inboxes recently. The new phishing exploit uses both IRS and FBI emblems to scare recipients into provide personal information on a downloadable questionnaire. You can read the official warning here.
I like to remind people that the IRS only communicates with taxpayers by postal mail. Sometimes they might send a US Marshal. And the FBI certainly would not be sending an email when they can ...Continue Reading →
October is Cybersecurity Awareness Month, and this week’s theme is Simple Steps to Online Safety.
The toughest part of cybersecurity is securing the human mind, emotions, behaviors, and responses from the making a decision or taking an action that will open the door for a cyber-attacker. The reality is that it is much easier to secure systems than humans. And unfortunately, humans have been given a ...Continue Reading →