Dragonfly Wants To Punch Our Lights Out? Round Two

Somebody wants to punch our lights out – literally turn off the electric power grid. Who would want to do this?  Russia?  North Korea?  Cybersecurity firm Symantec has attributed this attack to a group they have identified as the Dragonfly Group, who may have been responsible for the attack on the Ukrainian electric grid in 2015 and 2016.  ...

Continue Reading →
0

MAIN STREET Cybersecurity Act to Protect Small Businesses

At the end of September, the Senate passed the MAIN STREET Cybersecurity Act for Small Business.  This is an effort to help small businesses deal with the technical aspects and costs associated with creating a cybersecurity program and protecting their digital assets from attack or compromise.  The Act instructs NIST to create a plan for small businesses that is based on the NIST Cybersecurity ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


70k minimum wage has been a profound success and failure – two years later

Tech company Gravity Payments instituted a $70 K minimum wage two years ago.  It has long been my personal contention that the drop in real starting wages (against inflation) coupled with crushing ...

Continue Reading →
0

Yahoo Breach Is Worse Than We Were Told

Three billion (3,000,000,000) is the current tally of breached user IDs, passwords, and customer account information at Yahoo.  This is most assuredly all of the user account information they were holding about their customers. If you were or are a Yahoo account holder, just assume your information is among the lost.

Earlier we reported that this breach may have been less significant because Continue Reading →

0

Patch Early, Patch Often

Happy Friday the 13th.  October is Cybersecurity Awareness Month and this week’s theme is Cybersecurity in the Workplace is Everyone’s Business.  Often it is the simple things that work the best.  Running automatic Windows and Microsoft updates, and applying updates and patches for Adobe, Apple, Android, and other products often are the best way to close the door on a new exploit or ...

Continue Reading →
0

New Phishing Scam Uses FBI and IRS Logos

There is a new twist on an old tax scam appearing in email inboxes recently.  The new phishing exploit uses both IRS and FBI emblems to scare recipients into provide personal information on a downloadable questionnaire.  You can read the official warning here.

I like to remind people that the IRS only communicates with taxpayers by postal mail.  Sometimes they might send a US Marshal.  And the FBI certainly would not be sending an email when they can ...

Continue Reading →
0

Security Issue With CCleaner

Piriform’s CCleaner is a popular computer cleaning and optimizing product that many people use.  I have my doubts about the real effectiveness of these utilities, but many of my clients swear by it.  I have used CCleaner myself several times as one of the tools I used to clean up a malware infection.

Recently, the CCleaner software code was modified  to include a malicious backdoor.  This warning was published earlier in one ...

Continue Reading →
0

The Weakest Link In Cybersecurity is in Your Mirror

That’s right, it’s still you.  Sorry.

October is Cybersecurity Awareness Month, and this week’s theme is Simple Steps to Online Safety.

The toughest part of cybersecurity is securing the human mind, emotions, behaviors, and responses from the making a decision or taking an action that will open the door for a cyber-attacker.  The reality is that it is much easier to secure systems than humans. And unfortunately, humans have been given a ...

Continue Reading →
0

BlueBorne Bluetooth Hijacker – What Do We Know?

Cybersecurity researchers at Armis Labs have released information about a new attack vector called BlueBorne.  This exploit has the potential to put millions of devices running Windows, Linux, Android or iOS operating systems at risk.

This exploit allows attackers to connect over the Bluetooth radio system with having to first pair the two Bluetooth enabled devices.  Once installed, the attacker has full control of ...

Continue Reading →
0
Page 2 of 15 12345...»