One of the worst things that can happen to you online is when someone hijacks one of your social network accounts. When unauthorized bad-actors get your Facebook or Twitter password, they can use your account to impersonate you, and to send all sorts of friend requests, share requests, spam, and posts with click-bait links that can lead your friends to web pages that will steal their information or silently download and ...
A new phishing campaign by the Iranian state-sponsored group known as “Charming Kitten” is using new tactics to trick users out of their passwords and both SMS and app generated two-factor codes. Charming Kitten is tied to the Islamic Revolutionary Guard. This campaign has been ongoing since October 2018. Information on this attack was released on December 18, 2018 by Certfa Lab.
Targets of these attacks are high-ranking individuals in the financial ...
Continue Reading →
I have written before about how our smartphones are ratting out our location, using GPS and even just cell tower location information. The New York Times recently published a story that followed a woman throughout her day and discovered that her location was collected over 8000 in a single day. From the location database they purchased from a location data broker, they were ...
The implementation of EMV (Europay, Master Card, Visa) or “chip” cards have not reduced the instances of credit card theft in the US. The reason: WE ARE DOING IT WRONG!! I have been writing about the late implementation of EVM for years, and complaining about the “chip and sign” method we are using in the United States, vs. the much more secure “chip and PIN” method used in Europe, where they ...
US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs. An MSP provides support principally by using remote monitoring, remote access, and remote control software products. They install a monitoring tool called an “agent,” and a command and control device on the ...
A quick Saturday digest of cybersecurity news articles from other sources.
12/28/2018 03:57 PM EST Original release date: December 28, 2018
During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of ...
Continue Reading →
Are you wondering what exploits represent the biggest threats in 2019? It can be difficult and expensive to defend against everything. If your company is budget-constrained, it may make more sense to defend against what is “likely” instead of everything that is “possible.” Today we look at some of the biggest cyber-attack methods from the past, the present and the future.
While these threats ...
Continue Reading →
How many of last year’s cybersecurity resolutions did you actually deploy in 2018? Not as many as you had hoped?
The new year gives us the opportunity to plan and deploy the computer and network security upgrades we need to implement to protect us from the exploits of cyber-criminals and other bad actors. What is on your list? Going to start using a ...
Continue Reading →
I have been warning about the weakness of the password for a number of years. Passwords no longer provide strong security. Passwords are too easy to crack using automated techniques, and are stored insecurely in many environments. Most passwords are too short, or easily guessable. Many users reuse the same password on multiple sites. But the password remains the most popular form of authentication among most users. Two-factor and multi-factor authentication ...
We occasionally get requests from other writers who want to post on our blog. This is one of those times. Thanks to Panda Security for this infographic. To read the accompanying article, please click through to their site.
