Dragonfly Wants To Punch Our Lights Out? Round Three

Is the U.S. energy sector under attack? The ambitious and sophisticated exploits like this one are usually the work of a nation-state.  Who wants to turn off the lights?  Last Wednesday we took a look at the US-CERT alert warning about the ongoing cyber-attack against the U.S. electric grid, and on Friday we took a look at many of the tactics, ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round Two

Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this?  Russia?  North Korea?  Cybersecurity firm Symantec has attributed this attack to a group they have identified as the Dragonfly Group, who may have been responsible for the attack on the Ukrainian electric grid in 2015 and 2016.  ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round One

Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this?  Who has the capability?  Is it the Russians, who have already demonstrated this attack two years ago in the Ukraine?  Or the North Koreans, who have both motive and the cyber army to carry it off? Cybersecurity firm Symantec has attributed ...

Continue Reading →
0

New Phishing Scam Uses FBI and IRS Logos

There is a new twist on an old tax scam appearing in email inboxes recently.  The new phishing exploit uses both IRS and FBI emblems to scare recipients into provide personal information on a downloadable questionnaire.  You can read the official warning here.

I like to remind people that the IRS only communicates with taxpayers by postal mail.  Sometimes they might send a US Marshal.  And the FBI certainly would not be sending an email when they can ...

Continue Reading →
0

The Weakest Link In Cybersecurity is in Your Mirror

That’s right, it’s still you.  Sorry.

October is Cybersecurity Awareness Month, and this week’s theme is Simple Steps to Online Safety.

The toughest part of cybersecurity is securing the human mind, emotions, behaviors, and responses from the making a decision or taking an action that will open the door for a cyber-attacker.  The reality is that it is much easier to secure systems than humans. And unfortunately, humans have been given a ...

Continue Reading →
0

What You Can Do After The Equifax Breach

The Equifax breach has been all over the news this weekend, and it should be.  This is worse than they are telling us.  It most certainly DOES affect you, if you are adult and have ever purchased a car or opened a credit card account.  Don’t wait to be told you are a victim.  Assume you are a victim.

In a world where we are all suffering from “breach fatigue,” having suffered through dozens if not hundreds of these revelations about ...

Continue Reading →
0

Phishing Protection In Outlook and Office 365

There are four ways that a typical business user on a Microsoft Outlook/Exchange/Office 365 platform can utilize.  While these may not be perfect, and all of them have issues, applying these solutions will help prevent your users for falling victim to phishing emails.  These solutions are additive, and each additional solution deployed provides a further layer of protection.

Junk Mail Filter – Outlook comes with a built-in Junk Mail filter that, while ...

Continue Reading →
0

Investigating Email Headers

When I am investigating an email exploit, I will take a look at the email headers.  Email headers in an email are a lot like the html code in a web site.  This is information that the machines that create, send, and receive the email use for routing, and for providing other information about the message.  As a human, we do not see the headers unless we specifically look for them, ...

Continue Reading →
0
Page 4 of 8 «...23456...»