Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Microsoft disrupts Fancy Bear election meddlers

In a new skirmish, Microsoft took control of six internet domains that were about to be used by the group to spoof US political organizations.


SamSam: The (almost) $6 million ransomware

New research reveals that SamSam ransomware has affected far more victims, and raised far more ransom, than previously thought.


Mikrotik Routers Can Be Exploited for Crypto-Mining – Patch Now

An exploitable weakness in the remote administration utility can turn your Mikrotik router into a crypto-mining zombie,  A patch is available from the manufacturer to fix this problem.


Cybercrime Billionaires Arrested

Three leaders of the cybercrime group Fin7 were arrested recently.  The successful credit card stealing business the founded is worth over a billion dollars, and is still operational after their arrests.  A fascinating true-crime story.


Dangerous Windows 10 flaw lets hackers secretly run any app on your PC

Researchers have discovered a method to use Regsvr32 to run applications that leave no trace.  This process can bypass whitelisting apps such as AppLocker.  Scary video follows.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.