Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Extortion Phish: Your Password is XXXX

One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin.  This seems to be getting a lot of traction, so beware.  Do not pay the extortion demand. First, this is a scam.  They got your password from one of the hundreds of breaches we have had in the last several years.  Check your email address on haveibeenpwned.com to see where yours came from. Second, these are criminals, and you cannot trust them to keep their word, and if you pay them once, they will be back for more.  Read these articles for details.


New Bluetooth Vulnerability

A “Bluetooth snooping” bug, dubbed CVE-2018-5383, was just announced – are you patched, and how can you tell?


Mini-glossary: Cryptocurrency terms you need to know

Confused by all the lingo surrounding cryptocurrencies like Bitcoin and Etherium? If so, you’re not alone. Here are the essential cryptocurrency terms you should know.


Optimizing Wordfence Security Settings: Brute Force Protection

A great tutorial if you are using Wordfence to protect your WordPress website.


Your smartphone can watch you if it wants to, study finds

Internet users have grown used to the idea that they can be tracked and profiled as they browse the web, but what about the specific risks of smartphones?


Raspberry Pi gets its own app store with latest OS update

The latest release of the official Raspbian OS will make it easier to find the best software for the credit card-sized board.


4 ways smishing scams can get your money or info

Cybercriminals have found a way to strip digital device users of their personal data, using a tool called “smishing.”  Smishing scams compromise the target’s cell phone through texts or SMS messages, then swipe the target’s personal data once the user clicks on the text link.  Learn more about how you could be targeted through smishing.


IC3 Warns of Business Email Compromise Scams

07/13/2018 06:41 PM EDT  Original release date: July 13, 2018

The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.


 

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.