Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers

and

APTs Targeting IT Service Provider Customers

10/03/2018 10:56 AM EDT  Original release date: October 03, 2018

The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in information ...

Continue Reading →
0

The Swiss Army Knife of Hacker-ware

Have you ever wondered just what an attacker can do once they gain access to your computer?  A 21 year old software coder is facing prison time for developing the ultimate Swiss Army knife of an “administrators'” tool-kit.  This tool was sold to over 6,000 people through an extensive affiliate marketing network.  Many of his customers were cyber-criminals who used the ...

Continue Reading →
0

Six Simple Malware Removal Tips Anyone Can Use

You think you just got a malware infection on your computer, but you’re not sure, and you aren’t sure what to do.  Take it to the Geek Squad or another qualified IT shop?  If only there were simple things you could try on your own.  The good news is there are, and we will show you some of them today.

  • So it seems you might have a malware issue.  These are my ...
Continue Reading →
0

Ten Signs of a Malware Infection

I just finished helping a client with a strange issue that I thought might be malware related, and we successfully fixed his issue by email, without having to meet or even set up a remote support session.  And it occurred to me that I have not covered the issue of malware remediation in ages.  Since this can be a fairly easy DIY project for most computer users, I thought a fresh ...

Continue Reading →
0

WordPress JetPack Exploit Hijacks Websites for Tech-Support Scam

Bad actors are using compromised WordPress.com accounts and the popular Jetpack plugin to add a malicious plug-in of their own that turns compromised websites into a vehicle for perpetrating a fake tech support scam.  Attackers are using stolen user names and passwords from other breaches and trying these credentials on WordPress.com to find accounts.  They are even searching whois records for website domain names registered with the same email account as the stolen user name.

Continue Reading →
0

What Security Advice Do The Experts Offer?

I recently read an article from Heimdal Security about online safety.  In this article Heimdal had asked 18 experts in the field of cybersecurity for their top 3 ideas about how to stay secure.  The contributors included top cybersecurity professionals from several anti-malware companies, security bloggers, and cybersecurity industry professionals.  The original article is here.

What I found interesting were the ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Today is Veterans Day – Thanks for Your Service

Veteran’s day is a remembrance of all U.S. military veterans – past and present. It is celebrated every November 11th, and has been a federal holiday since 1926.


Protecting Critical Infrastructure from Cyber Threats

10/31/2017 08:14 AM EDT  Original release date: October 31, 2017

Building resilience in critical infrastructure ...

Continue Reading →
0

Details on New Email Exploit – No Attachment Required

People often ask me if it is dangerous to simply open an email, if it is possible to get a malware inflection just by reading an email.  My answer has been a qualified “not at this time.”  Unfortunately, this is no longer true.  It is possible to get a malware installation from the new DDE (Dynamic Data Exchange) exploits reveal by Sophos Labs on October 13 2017.  This can be accomplished without an attachment or link if the email is ...

Continue Reading →
0

Security Issue With CCleaner

Piriform’s CCleaner is a popular computer cleaning and optimizing product that many people use.  I have my doubts about the real effectiveness of these utilities, but many of my clients swear by it.  I have used CCleaner myself several times as one of the tools I used to clean up a malware infection.

Recently, the CCleaner software code was modified  to include a malicious backdoor.  This warning was published earlier in one ...

Continue Reading →
0
Page 1 of 4 1234