When you work in a cybersecurity organization that serves other business entities, every now and again you see something really unique. This one crossed my desk on March 28th. A client of ours received a letter by postal mail that threatened to shut them down with a distributed denial of service attack. They are probably trying to avoid the Computer Fraud and Abuse Act, but extortion by postal mail is a ...
Users of the Apple iOS 10.3 phone operating system are being offered two-factor authentication (2FA) for their Apple IDs. This offers an additional layer of security for iCloud data, too.
As we have discussed in previous posts, the benefits of 2FA are that your account cannot be breached with only a stolen password. In addition to the password, a one-time passcode is required ...
Continue Reading →
According to the Department of Homeland Security (DHS), there are seven strategies that will prevent 85% of targeted attacks. To this list I have added a few of my favorites.
Social networks are a tremendous source of personal information leakage. Actually, more like a waterfall. As we learned in the last post, attackers use social networks to perform reconnaissance against their chosen targets. Since few of us are going to delete all our social network accounts and move of the grid, we have to find a way to live ...
Controlling your professional information can mean managing the information you disclose on professional networking sites such as LinkedIn. It can also mean protecting the client and employee information you have gathered through your employment. It may mean securing your computer network from outside and inside attackers, or your website from compromise. It may mean properly securing online assets ...
Certain personal records are a gold mine for cyber-criminals and identity thieves. Highly targeted personal information include your medical records, tax information, social security number, driver’s license, and even odd bits such as utility bills, and retail or airline loyalty rewards points. Any of this information can be sold on the Dark Web, or used directly to get free ...
Almost all cyber-crime is about making money for the crooks. Often this involves stealing valuable information that can be sold. But many criminal gangs are going straight for the cash, and often this involves bank and financial account fraud or financial account access.
Below we have a list of strategies you can use to protect your financial resources.
Many social network sites make it too easy to overshare personal information. An innocent post to Twitter or Facebook, or pictures uploaded to SnapChat or Instagram can help a criminal target you. Online posts that identify your location, your travel and vacation plans, your employer, your home, and your personal possessions can be used by criminals to plan an crime. ...
I know many people who are religious about deleting their cookies and browser history in an effort to improve their online privacy. I know others who have carefully gone through all the security settings on their browsers, and social networking sites for the same reason. If this sounds like you, I have bad news.
I’ve been using Opera to browse the web, and trying out the ad-blocking feature and the location cloaking ...
Continue Reading →
2017 is promising to be another difficult year for cyber-defenders who are protecting company and government networks from attack. Here are what I think will be the top attack vectors this year.
Business Email Compromise
CEOs and other C suite officers will increasingly be targeted for email account hijacking. This is an easy exploit to run because high ranking employees and officers often ...
Continue Reading →