Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Equifax Security Breach Is A Complete Disaster… And Will Almost Certainly Get Worse

‘Pulse wave’ DDoS – another way of blasting sites offline

If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online.

It’s baaaack: Locky ransomware is on the rise again

Locky had been quiet until new variants started appearing last week. Here’s what you need to know

Data security firm says major ransomware attack is underway

Data security firm Barracuda Networks is warning of an ongoing ransomware attack targeting industries including health care after it logged about 20 million attempts over 24 hours through an email attachment designed to look like a payment confirmation, says Eugene Weiss, Barracuda Content Intelligence Team leader. The sender’s address is spoofed to impersonate someone the recipient trusts, and data encryption may begin when the attached file is opened.

Who will own the data from your autonomous car?

If you’re hoping that Congress to lock in protection for your privacy, you should probably lower your expectations.

Hurricane-Related Scams

09/08/2017 01:56 PM EDT  Original release date: September 08, 2017

As the peak of the 2017 hurricane season approaches, US-CERT warns users to be watchful for various malicious cyber activity targeting both disaster victims and potential donors. Users should exercise caution when handling emails that relate to recent hurricanes, even if those emails appear to originate from trusted sources. Disaster-related phishing emails may trick users into sharing sensitive information. Such emails could also contain links or attachments directing users to malware-infected websites. In addition, users should be wary of social media pleas, calls, texts, or door-to-door solicitations relating to the recent hurricanes.

To avoid becoming a victim of fraudulent activity, users and administrators should consider taking the following preventive measures:


Trump’s cybersecurity advisers quit, warning of ‘insufficient attention’

Departing members leave Trump with a list of recommendations that look a lot like … a plan.  They cited “insufficient attention to the growing threats to the cybersecurity of the critical systems upon which all Americans depend, including those impacting the systems supporting our democratic election process”.  (more rational people abandon the burning clown car.)



About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.