Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Microsoft inches closer to commercially-viable quantum computing

Microsoft’s quest to create a powerful quantum computer comes closer to reality with the help of an elementary particle.

Cobalt/Carbanak bank malware gang’s alleged leader arrested

These hackers have made ATMs across Europe spit out cash upon command.  This is a fascinating crime spree spanning 5 years, and originally revealed by Brian Krebs.  Worth a look.

Tracking protection in Firefox for iOS now on by default – why this matters

Turning it on by default might sound like a mere tweak, but its the first version of the browser to do this without the user having to consciously turn it on.

We have been reporting about the strides Firefox has been making to head to the front of the class regarding privacy and security.  This is another great example.

Ongoing Threat of Ransomware

04/09/2018 08:38 PM EDT  Original release date: April 09, 2018

NCCIC has observed an increase in ransomware attacks across the world. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.

Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Throughout different ransomware events, NCCIC’s best practices and guidance remain the same:

  • create system back-ups
  • be wary of opening emails and attachments from unknown or unverified senders
  • ensure that systems are updated with the latest patches

NCCIC encourages users and administrators to review its Ransomware page and the U.S. Government Interagency Joint Guidance for further information.

Russia’s Grizzly Steppe gunning for vulnerable routers

Russian Government hackers stand accused of targeting millions of routers

Russian Malicious Cyber Activity

04/16/2018 12:01 PM EDT  Original release date: April 16, 2018

The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The U.S. Government refers to malicious cyber activity by the Russian government as GRIZZLY STEPPE.

NCCIC encourages users and administrators to review the GRIZZLY STEPPE – Russian Malicious Cyber Activity page, which links to TA18-106A – Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices, for more information.

TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

04/16/2018 01:25 PM EDT



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.