cybersecurity Archives - Page 35 of 107

The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake (i.e., spoofed) IRS email addresses. The emails contain a link to a spoofed IRS.gov website that displays fake details about ...

Continue Reading →

24
AUG

0

Share

Computers and Internet, cybersecurity, cyberwar, Internet of Things, Linux, Weekend Update

APT28, EvilGnome, Fancy Bear, IRS, NEST, Ring, Russia, Strontium, tax scam, WannaCry

A New Phish – Unusual Sign In Activity from Microsoft

There is a very realistic spoofed phishing email making the rounds that looks so close the the real Microsoft alert email, as to be almost undetectable. They even spoof the legitimate sender address of “account-security-noreply@accountprotection.microsoft.com”. So even if you are looking for signs of chicanery, it will be difficult for most users to tell it is fake. See an example below.

Continue Reading →

23
AUG

0

Share

account hijacking, cybersecurity, Phishing

Microsoft

Home Wi-Fi Routers Lack Basic Security

Is your home Wi-Fi router a gateway to invasion by cyber-criminals? According to recent findings by Consumer Reports, it very well could be. They tested 29 popular home routers, and were only able to recommend 6 basic Wi-Fi routers, and 3 more expensive Wi-Fi mesh routers. Mesh routers allow you to install several Wi-Fi ...

Continue Reading →

21
AUG

0

Share

authentication, cybersecurity, Internet of Things, passwords, Wi-Fi

Free and Open Source Apps for Android

The problem with smartphone apps is that they cannot be trusted. Sure that new game is fun, but what about all the ads? Did you know that ads can contain malicious links? And what about all the apps that include location in their permissions? Wouldn’t it be great if there was an alternative?

F-Droid is a platform for free ...

Continue Reading →

16
AUG

0

Share

Android, cybersecurity, smartphones

FOSS, free and open source

Public Key Encryption Explained

One of the more difficult cybersecurity concepts to understand is Public Key Encryption and how public keys, private keys, symmetrical encryption and asymmetrical encryption all work together. This infographic I found on Facebook does and excellent job explaining how this works.

Continue Reading →

12
AUG

1

Share

Computers and Internet, cybersecurity, encryption, privacy, Security

Beware of Scammers Exploiting Recent Events

It seems that every new event brings out a crop of scammers ready to exploit the gullible. Several recent scams are using the Equifax breach settlement, and the recent mass shootings in El Paso and Dayton to extract money from or deliver malware to their victims.

First, from KnowBe4, we have the details of several scams taking advantage of people attempting to get the $125 settlement payment they may be owed as a result of the Equifax ...

Continue Reading →

9
AUG

0

Share

cybersecurity, News and politics, Phishing, social engineering

Equifax breach

Federal Trade Commission Fines Equifax and Facebook

Hot on the heals on each other, Equifax and Facebook have each settled for large fines in unrelated privacy and data breach cases. All I can say is “about time” and “is that all?”

The FTC has fined Facebook $5 billion for data misuse and other issues related to Cambridge Analytica, the European GDPR, the last US Presidential Elections, and the Brexit campaign. ...

Continue Reading →

7
AUG

1

Share

Computers and Internet, cybersecurity, Facebook, law and policy

Equifax

Guest Post – Accreditation vs. Certification vs. Registration in the ISO world

Things with ISO standards can get really complicated: there are many ISO management standards – the most popular ones are ISO 9001, ISO 14001, ISO 27001, ISO 22301, ISO 20000, etc. – and there are a multitude of ways to get accredited/certified/registered related to those standards. But, that’s not all – there is a difference if you want to certify your company, or if you want to certify as an individual.

So, ...

Continue Reading →

5
AUG

0

Share

certification, cybersecurity

Capital One Breach Not That Bad

First I must confess that I am a huge Capital One fan. As far as I am concerned, they do it right. Good alerting system, great customer service, heck, great products.

So I was a bit dismayed to hear they were the latest victim of a data breach. But as the details were released, it seems the attack was an insider job, and ...

Continue Reading →

2
AUG

0

Share

Computers and Internet, cybersecurity

Capital One

Lateral Phishing – A New Threat to Business Email

Phishing is getting better and harder to detect. One new trend is using hijacked business email accounts to pivot further into a business, by using the built in trust of the company’s email domain to send phishing emails that appear to come from coworkers. These phishing emails from trusted sources are used to hijack other email accounts in the same company. This ...

Continue Reading →

31
JUL

0

Share

Computers and Internet, cybersecurity, email, multi-factor authentication, passwords, Phishing

cybersecurity

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

IRS Warns of New Email Scam

A New Phish – Unusual Sign In Activity from Microsoft

Home Wi-Fi Routers Lack Basic Security

Free and Open Source Apps for Android

Public Key Encryption Explained

Federal Trade Commission Fines Equifax and Facebook

Guest Post – Accreditation vs. Certification vs. Registration in the ISO world

Capital One Breach Not That Bad

Lateral Phishing – A New Threat to Business Email