On Wednesday we talked about a phishing exploit that used malware to provide remote access and steal the personal information of the victims. Today we continue the story with a similar exploit, called “Fareit” to “ferret out” the user credentials and other personal information the victims.
This exploit uses a phishing email to send the target either a PDF attachment or a Word attachment. The PDF variant uses Windows Powershell to install. The ...
Continue Reading →
10
FEB
FEB
0
Share
I read a story in 
On May 25 2018, new regulations will go into effect in the European Union called the General Data Protection Regulation (GDPR). If you are doing business in Europe, this will affect your business. If your website collects personal information and other data from European site visitors or customers, this will affect your business.
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
The FBI recently reported on arrests of a number of lottery scammers in what they call 
The site Adult Friend Finder, the “world’s largest sex and swingers site” recently exposed 412 million user credentials due to poor, or in some cases, non-existent password hashing practices. The biggest group losses were:
As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short. This was the year, you promised yourself, that we get a handle on computer and network security.
On Monday we looked at the some of the primary attack vectors used by cyber-criminals. Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit. Many of these are significant twists on old exploits, or more sophisticated exploits.
US-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident. There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert. There are many links on both the 
Years ago I heard a story about someone on a job interview was asked by the hiring manager for the user ID and password to their Facebook account. My response, then and now, was “sure – but you first.” The idea being if you want to know that much about my personal life, then I want to know the same about you. Maybe ...