Fileless Malware Poses New Threat

There is a new threat appearing on corporate and personal networks called “fileless malware.”  It can sneak by traditional signature recognition endpoint security programs.  It is able to hide and stay resident by using trusted operating system and software application files to run the exploit.

Fileless malware exploits are estimated to comprise almost 30% of new exploits, and that percentage is rising as cyber-crime group move to this newer technology.  Fileless malware exploits are being target at financial institutions and other ...

Continue Reading →
0

DOD and NSA Internet Surveillance Archives Not Secured

Many companies and organization are moving their data repositories to the cloud, to places such as Amazon Web Services (AWS).  Hopefully, if your company is moving to the cloud, you are doing a better job securing this information than the Department of Defense or the National Security Agency.

The first story involves a trove of data left on AWS servers, and discovered by security ...

Continue Reading →
0

KeePass – Cloudless Password Management

Let’s say you have finally committed to creating new, unique, and long passwords for all your online, network, business, and machine user accounts.  How are you going to keep track of the dozens, if not hundreds of uniquely different passwords?  Using a system makes your passwords guessable, and writing them down in a spiral notebook is a hassle, and makes your ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


National Tax Security Awareness Week: IRS Helps Taxpayers Protect Against Cyber Criminals

11/28/2017 11:10 PM EST  Original release date: November 28, 2017

As part of National Tax Security Awareness Week—November 27 to December 1—the Internal Revenue Service (IRS) is releasing daily security tips to help taxpayers protect their data and identities against tax-related identity theft.

US-CERT encourages taxpayers to visit the ...

Continue Reading →
0

Integrated Password Managers – Apple iCloud Keychain

On Wednesday, we looked at the built-in password manager provided by Google Smart Lock.  Today we will review Apple’s iCloud Keychain.  Keychain works automatically with iPhones, iPads, and Macs, and is shared an updated to all your devices automatically.  Most of the Apple users I talk to are familiar with Keychain.  Keychain works with devices that are using ...

Continue Reading →
0

Integrated Password Managers – Google Smart Lock

We are advocates of using a password manager to create, manage, and securely store the dozens (or hundreds) of unique and long passwords that we need to be using these days.  For many people, password managers can seem difficult to set up and a bit of a hassle to use.  The good news its that there are two easy and built-in alternatives, Continue Reading →

0

Merry Christmas -The Internet of Insecure Toys

Are the toys you are buying for your kids hackable?Can anyone listen in or have a conversation with your kids via an Internet connected toy?  Sorry, but the answer is “yes.”

We have been writing for a while about the grievous lack of security on Internet-connected “smart” appliances, web cameras, baby monitors, door locks, thermostats, personal assistants, Wi-Fi, Cable, and DSL routers, and other ...

Continue Reading →
0

Google Offers Advanced Protection Program for High Risk Individuals

If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.

Continue Reading →

0

Remote Desktop Protocol Attacks Against Windows Servers

Thanks to Datarecovery.com, for alerting us to this issue.  They have seen a high number RDP (Remote Desktop Protocol) attacks lately. Generally, these attacks are targeting Microsoft Windows-based servers, where port 3389 has been left open.

The attacker scans for open port 3389, and then uses a password dictionary attack to break the server password. Once the password is found, the attacker can exploit the server or sell access to the server ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Robot Gains Saudi Citizenship

From the Smithsonian.  Last week, Saudi Arabia, became the first in the world to grant citizenship to a robot during a technological summit held in its capital. Sophia, created by Hanson Robotics, is designed to look like Audrey Hepburn and possesses advanced artificial intelligence. She can ...

Continue Reading →
0
Page 4 of 19 «...23456...»