Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Microsoft inches closer to commercially-viable quantum computing

Microsoft’s quest to create a powerful quantum computer comes closer to reality with the help of an elementary particle.


Cobalt/Carbanak bank malware gang’s alleged leader arrested

These hackers have made ATMs across Europe spit out cash upon command.  This is a fascinating crime spree spanning 5 years, and originally revealed by Brian Krebs.  Worth a look.


Tracking protection in Firefox for iOS now on by default – why this matters

Turning it on by default might sound like a mere tweak, but its the first version of the browser to do this without the user having to consciously turn it on.

We have been reporting about the strides Firefox has been making to head to the front of the class regarding privacy and security.  This is another great example.


Ongoing Threat of Ransomware

04/09/2018 08:38 PM EDT  Original release date: April 09, 2018

NCCIC has observed an increase in ransomware attacks across the world. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.

Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Throughout different ransomware events, NCCIC’s best practices and guidance remain the same:

  • create system back-ups
  • be wary of opening emails and attachments from unknown or unverified senders
  • ensure that systems are updated with the latest patches

NCCIC encourages users and administrators to review its Ransomware page and the U.S. Government Interagency Joint Guidance for further information.


Russia’s Grizzly Steppe gunning for vulnerable routers

Russian Government hackers stand accused of targeting millions of routers


Russian Malicious Cyber Activity

04/16/2018 12:01 PM EDT  Original release date: April 16, 2018

The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The U.S. Government refers to malicious cyber activity by the Russian government as GRIZZLY STEPPE.

NCCIC encourages users and administrators to review the GRIZZLY STEPPE – Russian Malicious Cyber Activity page, which links to TA18-106A – Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices, for more information.


TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

04/16/2018 01:25 PM EDT


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.