Details on New Email Exploit – No Attachment Required

People often ask me if it is dangerous to simply open an email, if it is possible to get a malware inflection just by reading an email.  My answer has been a qualified “not at this time.”  Unfortunately, this is no longer true.  It is possible to get a malware installation from the new DDE (Dynamic Data Exchange) exploits reveal by Sophos Labs on October 13 2017.  This can be accomplished without an attachment or link if the email is ...

Continue Reading →
0

Dragonfly Wants To Punch Our Lights Out? Round Four

Over the last four posts, we have focused on the US-CERT alert, but cybersecurity firm Symantec has actually been working this case since 2011.  Their report on Dragonfly can be found on their website.  While they are cautous when providing attribution, reading between the lines indicates that Dragonfly is probably a Russian based group, possibly working on behalf ...

Continue Reading →
0

Don’t Miss It! I am a featured speaker next Tuesday at Joule Cram Day

NEW!

Joule U . CRAM DAY

Tuesday . September 26 2017

SIX 60 MINUTE CLASSES
Learn something new! Attend one, some or all.

My presentation, Shields Up for WordPress Websites and Blogs is from 2:30 to 3:30.

I know many of the other speakers and this looks like a terrific lineup.  Block out the day and get some valuable information you can ...

Continue Reading →
0

Phishing Protection In Outlook and Office 365

There are four ways that a typical business user on a Microsoft Outlook/Exchange/Office 365 platform can utilize.  While these may not be perfect, and all of them have issues, applying these solutions will help prevent your users for falling victim to phishing emails.  These solutions are additive, and each additional solution deployed provides a further layer of protection.

Junk Mail Filter – Outlook comes with a built-in Junk Mail filter that, while ...

Continue Reading →
0

Ten Easy Steps to Getting Hacked

Here is a quick little survey to help you determine how likely you are to be the victim of a cyber-attack or cyber-criminal exploit.  Give yourself a point for each “Yes” answer.

  1. Security is generally a waste of time and money.
  2. I am too small or uninteresting to be a target of a cyber crime.
  3. Passwords are a hassle, so I keep them short and easy to remember.
  4. I like to use the same password ...
Continue Reading →
0

The War for Your Inbox

I recently gave a presentation titled “Email Security – Resist That Click” on May 23 2017 at the Phipps Theatre in Hudson WI.  This event was sponsored by First State Bank and Trust of Bayport MN.  I was also asked to present this topic at the MnCCC Conference (Minnesota Counties Computer Consortium) in Alexandria MN on Wednesday June 7, 2017.  This presentation was titled “The War for Tour Inbox.”

First State Bank and Trust had my presentation video recorded, and it ...

Continue Reading →
0

Cybersecurity Top 10

cybersecurity_436x270As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short.  This was the year, you promised yourself, that we get a handle on computer and network security.

Well it is not too late to get a start, and here is a short ...

Continue Reading →
0

More Notes from the Cyber Security Summit 2016

cyber-security-summit-2016On Wednesday we looked at several of the important takeaways from this year’s Cyber Security Summit.  Here are a few more.

  • Small businesses need to stop using public email services such as Gmail, Yahoo, or Hotmail for their business email.  User credentials for 500,000 Yahoo email accounts have been stolen, and it could happen to the others.  If you have a domain name you are using for a web site, then you should ...
Continue Reading →
0
Page 1 of 3 123