WireX Turns Android Phones into DDoS Botnet

WireX is a new botnet that runs on hijacked and compromised Android phones.  A bot-net is a collection of compromised devices that can be coordinated by the hijacker to work together on a certain task.  It might be bit-coin mining, or password cracking, or other tasks that require a lot of processing power.  This bot-net, like last year’s Mirai and ...

Continue Reading →
0

Sharing Your Boarding Pass Is A Bad Idea

Last Friday we covered some of the security issues travelers can face when staying at a hotel.  Today we are going to look at air travel – specifically the bad things that can happen to you if you carelessly discard or foolishly post a picture online of your airline boarding pass.

For some reason, people like to post images of their boarding passes on ...

Continue Reading →
0

Phishing Protection In Outlook and Office 365

There are four ways that a typical business user on a Microsoft Outlook/Exchange/Office 365 platform can utilize.  While these may not be perfect, and all of them have issues, applying these solutions will help prevent your users for falling victim to phishing emails.  These solutions are additive, and each additional solution deployed provides a further layer of protection.

Junk Mail Filter – Outlook comes with a built-in Junk Mail filter that, while ...

Continue Reading →
0

NIST Warns Against Lack of Security in Critical Infrastructure

NIST (National Institute for Standards and Technology) released Special Publication 800-53 version 4 recently, and it covers the shortcomings in privacy and security in the national power grid, water control systems, dams, oil and gas utilities and similar computer controlled systems.  There are no coherent or enforceable standards for Industrial Control Systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems that ...

Continue Reading →
0

SANS: Phishing Exploits Are The Top Threat

The SANS institute released the results of  a new survey recently, and found that cybersecurity professionals ranked phishing as the number one exploit this year.  Phishing awareness training programs were seen by many as the best defense against phishing, spearphishing and whaling exploits.  Something that was new this year was the reporting of so-called “malware-less” exploits that use “the built-in features of the operating system to turn it against itself without downloading ...

Continue Reading →
0

How Hard Is It To Become A Cyber-Criminal?

According to a recent article on Naked Security, not at all hard.  While at Black Hat in Las Vegas, researchers from Sophos gave a presentation that dissected the “Philadelphia” ransom software as a service (SaaS) model.

Anyone can buy the Philadelphia ransomware kit on the Dark Web for $400.  And for this nominal investment, the would-be attacker gets a simple executable file that sets up the whole system automatically. ...

Continue Reading →
0

Will Artificial Intelligence Beat Real Intelligence?

One of the persistent memes that interest me is the impending event sometimes known as “the singularity.”  This is a probable future where our electronic devices become self-aware and fully autonomous.  We see the beginnings of this happening all around us in devices like Amazon’s Alexa and Echo, The Nest and Google communities of smart devices, self-driving vehicles, and all the Internet of Things (IoT) devices that listen to ...

Continue Reading →
0
Page 1 of 13 12345...»