What Are You Letting OUT of Your Network?

I had an interesting question from a client last month.  They were looking for guidance on “egress filtering.”  Egress filtering is the concept of tuning your perimeter defenses (firewalls, routers, IDS*, and UTM* devices) to review and restrict the flow of information that is leaving your network.

Historically, most perimeter defenses are are designed to keep bad ...

Continue Reading →
0

Go Big or Stay Home

It is my belief that if you are planning a crime, you might as well go for the glory.  The jail time is the same whether you steal $50,000 or $50 million.

I’m not sure if this is the biggest phishing scam ever, but it is the biggest I’ve heard of.  A Lithuanian man named Evaldas Rimasaukas devised a scheme that extracted over $100 million from Google and Facebook.  He achieved this feat ...

Continue Reading →
0

Report and Recover from Identity Theft with New FTC Service

Identity theft is a crime that can take years to recover from.  One of the early problems for an identity theft victim has been the requirement to file a police report.  Many police departments do not devote much effort to identity theft, so sometimes getting the police to actually create a report and provide you with a report number can difficult.  If the ...

Continue Reading →
0

How Do You Know If Your Identity Was Stolen?

Identity theft can be devastating, and painfully hard to resolve.  It can have negative effects on your credit rating.  It could result in you being arrested for an open warrant on charges for a crime committed by the person who is using your identity.  Identity theft occurs in different ways.  Sometimes is is part of an online scam that may start with a ...

Continue Reading →
0

Anti-Drone Tactics

Drones have become the must-have item for many people this year.  Some of them are your neighbors, and they may be annoying you or intruding on your privacy.  On the other hand, it may be a member of our military hunting a terrorist.  Or, increasingly, it may be a terrorist using a drone to provide surveillance, or worse yet, deliver something deadly like a ...

Continue Reading →
0

The Google Docs Hoax: What Have We Learned?

It has been a couple of weeks since the Google Docs hoax spread across the Internet like wildfire.  What have we learned about this exploit?

Originally this appeared to be a phishing campaign, but phishing emails are spoofed clever replicas.  These emails were the genuine article, and were sent from Google mail servers, from the hijacked Google accounts of people you were likely to know.  This made the exploit difficult to detect, ...

Continue Reading →
0

This Will Make You Wanna Cry

A post about an alert I received first from AlienVault, and then from everybody.  There is a new crypto-ransomware variant called Wanna Cry that is taking advantage of a recent Microsoft vulnerability that was patched back on March 14.  If your computers have not been updated with MS17-010, then those computers are vulnerable.  Microsoft considers this vulnerability significant enough to release it for Windows XP, even though official support ended over two ...

Continue Reading →
0
Page 5 of 107 «...34567...»