cybersecurity Archives - Page 69 of 107

CEOs and Business Owners Targeted By Cyber-Criminals

Are you are the owner of a business, or the CEO or other C-level employee? You are prime target for cyber-criminals. Specifically, your email account is a highly desirable target that can be used to impersonate you for invoicing, payment interception, or wire transfer fraud.

If you think you are too small to be a target, you are wrong. I worked on a case of a seven-person company whose owner had an MSN email account. They sent an invoice by email ...

Continue Reading →

14
AUG

0

Share

Computers and Internet, cybersecurity, Identity Theft, Phishing, Security

BEC, business email compromise, CEO fraud, email account hijacking, wire transfer fraud

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

US-CERT: Alert (TA17-181A) Petya Ransomware

Systems Affected

Microsoft Windows operating systems

Overview

This Alert has been updated to reflect the National Cybersecurity and Communications Integration Center’s (NCCIC) analysis of the “NotPetya” malware variant.

The scope of this Alert’s analysis is limited to the newest Petya malware variant that ...

Continue Reading →

12
AUG

0

Share

cybersecurity, malware, News and politics, ransomware, Weekend Update

How Hard Is It To Become A Cyber-Criminal?

According to a recent article on Naked Security, not at all hard. While at Black Hat in Las Vegas, researchers from Sophos gave a presentation that dissected the “Philadelphia” ransom software as a service (SaaS) model.

Anyone can buy the Philadelphia ransomware kit on the Dark Web for $400. And for this nominal investment, the would-be attacker gets a simple executable file that sets up the whole system ...

Continue Reading →

11
AUG

0

Share

Computers and Internet, cybersecurity, Dark Web, malware, Phishing, ransomware, Security

Will Artificial Intelligence Beat Real Intelligence?

One of the persistent memes that interest me is the impending event sometimes known as “the singularity.” This is a probable future where our electronic devices become self-aware and fully autonomous. We see the beginnings of this happening all around us in devices like Amazon’s Alexa and Echo, The Nest and Google communities of smart devices, self-driving vehicles, and all the Internet of Things (IoT) devices that listen ...

Continue Reading →

9
AUG

0

Share

artificial intellegence, cybersecurity, Internet of Things, Linux, malware, Security, Software vulnerability

Malicious Android Apps Steal Text Messages

Sophos Naked Security alerted us to two Android apps that are included in the Google Play Store as legitimate apps. This makes these apps particularly dangerous, if you are following our advice to only install apps from legitimate sources. Once installed, they download a plug-in that harvests your text messages and sends them to a web server. Since the plug-in is downloaded ...

Continue Reading →

7
AUG

0

Share

Android, cybersecurity, Security, smartphones, Software vulnerability, Spyware, wireless

Not All Attacks Are Cyber Attacks – Watch For Phone Scams Too

As long as we are on the subject of telephone fraud, here is a post inspired by a recent article from Naked Security. It reminded me that not all attacks are high-tech cyber-attacks. The phone is still an effective tool used by criminals to extract cash from their victims, and the losses can be in the thousands.

Here are some different scams run by these scammers:

Tech support scam: ...

Continue Reading →

4
AUG

0

Share

cybersecurity, Identity Theft, social engineering

Is Phone Phreaking Still A Thing? Recent FBI Arrest Says Yes

Phone phreaking refers to the exploration of phone systems and networks to discover how they work. It also refers to the exploitation of telephone lines and systems in order to make free long distance calls. Like the term “hacking,” it can refer to both the curious and the criminal.

Time to climb into Mr Peabody’s WABAC Machine for our history lesson. Phone phreaking got its start in ...

Continue Reading →

2
AUG

0

Share

cybersecurity, law and policy, Software vulnerability

phreaking, telecom fraud

Email Account Hijacking – Part 4 Prevention and Dectection

Last week we went deep on the subject of just how bad losing control of your email account can be. Today we are wrapping up the four-part series with solutions to help you prevent email account compromise from happening, how to detect if it has already happened to you, and how to recover if that is the case.

Prevention is the best solution. Your email account is one of the crown ...

Continue Reading →

31
JUL

0

Share

authentication, Computers and Internet, cybersecurity, passwords, Phishing, social engineering

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker. Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits. So sending the victim other phishing emails that allow more ...

Continue Reading →

28
JUL

0

Share

authentication, Computers and Internet, cybersecurity, Identity Theft, malware, passwords, Phishing, ransomware, Security, social engineering, Spyware, surveillance, Trojan, Web Design, WordPress