MAIN STREET Cybersecurity Act to Protect Small Businesses

At the end of September, the Senate passed the MAIN STREET Cybersecurity Act for Small Business.  This is an effort to help small businesses deal with the technical aspects and costs associated with creating a cybersecurity program and protecting their digital assets from attack or compromise.  The Act instructs NIST to create a plan for small businesses that is based on the NIST Cybersecurity ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


70k minimum wage has been a profound success and failure – two years later

Tech company Gravity Payments instituted a $70 K minimum wage two years ago.  It has long been my personal contention that the drop in real starting wages (against inflation) coupled with crushing ...

Continue Reading →
0

Yahoo Breach Is Worse Than We Were Told

Three billion (3,000,000,000) is the current tally of breached user IDs, passwords, and customer account information at Yahoo.  This is most assuredly all of the user account information they were holding about their customers. If you were or are a Yahoo account holder, just assume your information is among the lost.

Earlier we reported that this breach may have been less significant because Continue Reading →

0

Patch Early, Patch Often

Happy Friday the 13th.  October is Cybersecurity Awareness Month and this week’s theme is Cybersecurity in the Workplace is Everyone’s Business.  Often it is the simple things that work the best.  Running automatic Windows and Microsoft updates, and applying updates and patches for Adobe, Apple, Android, and other products often are the best way to close the door on a new exploit or ...

Continue Reading →
0

New Phishing Scam Uses FBI and IRS Logos

There is a new twist on an old tax scam appearing in email inboxes recently.  The new phishing exploit uses both IRS and FBI emblems to scare recipients into provide personal information on a downloadable questionnaire.  You can read the official warning here.

I like to remind people that the IRS only communicates with taxpayers by postal mail.  Sometimes they might send a US Marshal.  And the FBI certainly would not be sending an email when they can ...

Continue Reading →
0

Security Issue With CCleaner

Piriform’s CCleaner is a popular computer cleaning and optimizing product that many people use.  I have my doubts about the real effectiveness of these utilities, but many of my clients swear by it.  I have used CCleaner myself several times as one of the tools I used to clean up a malware infection.

Recently, the CCleaner software code was modified  to include a malicious backdoor.  This warning was published earlier in one ...

Continue Reading →
0

The Weakest Link In Cybersecurity is in Your Mirror

That’s right, it’s still you.  Sorry.

October is Cybersecurity Awareness Month, and this week’s theme is Simple Steps to Online Safety.

The toughest part of cybersecurity is securing the human mind, emotions, behaviors, and responses from the making a decision or taking an action that will open the door for a cyber-attacker.  The reality is that it is much easier to secure systems than humans. And unfortunately, humans have been given a ...

Continue Reading →
0

BlueBorne Bluetooth Hijacker – What Do We Know?

Cybersecurity researchers at Armis Labs have released information about a new attack vector called BlueBorne.  This exploit has the potential to put millions of devices running Windows, Linux, Android or iOS operating systems at risk.

This exploit allows attackers to connect over the Bluetooth radio system with having to first pair the two Bluetooth enabled devices.  Once installed, the attacker has full control of ...

Continue Reading →
0

WireX Turns Android Phones into DDoS Botnet

WireX is a new botnet that runs on hijacked and compromised Android phones.  A bot-net is a collection of compromised devices that can be coordinated by the hijacker to work together on a certain task.  It might be bit-coin mining, or password cracking, or other tasks that require a lot of processing power.  This bot-net, like last year’s Mirai and ...

Continue Reading →
0
Page 3 of 16 12345...»