Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Extortion Phish: Your Password is XXXX

One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin.  This seems to be getting a lot of traction, so beware.  Do not pay the extortion demand. First, this is a scam.  They got your password from one of the hundreds of breaches we have had in the last several years.  Check your email address on haveibeenpwned.com to see where yours came from. Second, these are criminals, and you cannot trust them to keep their word, and if you pay them once, they will be back for more.  Read these articles for details.

New Bluetooth Vulnerability

A “Bluetooth snooping” bug, dubbed CVE-2018-5383, was just announced – are you patched, and how can you tell?

Mini-glossary: Cryptocurrency terms you need to know

Confused by all the lingo surrounding cryptocurrencies like Bitcoin and Etherium? If so, you’re not alone. Here are the essential cryptocurrency terms you should know.

Optimizing Wordfence Security Settings: Brute Force Protection

A great tutorial if you are using Wordfence to protect your WordPress website.

Your smartphone can watch you if it wants to, study finds

Internet users have grown used to the idea that they can be tracked and profiled as they browse the web, but what about the specific risks of smartphones?

Raspberry Pi gets its own app store with latest OS update

The latest release of the official Raspbian OS will make it easier to find the best software for the credit card-sized board.

4 ways smishing scams can get your money or info

Cybercriminals have found a way to strip digital device users of their personal data, using a tool called “smishing.”  Smishing scams compromise the target’s cell phone through texts or SMS messages, then swipe the target’s personal data once the user clicks on the text link.  Learn more about how you could be targeted through smishing.

IC3 Warns of Business Email Compromise Scams

07/13/2018 06:41 PM EDT  Original release date: July 13, 2018

The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.