Thank God this hasn’t happened here in the United States (yet). It is not for lack of trying by US law enforcement agencies, though. What am I talking about? Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).
TOLA is supposed to ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.A new book uncovers the intricacies of Paul Le Roux’s cartel and how it fueled the opioid epidemic ravaging the U.S. today. This facinating story is covered in detail on the Smithsonian website. Or read Evan Ratliff’s new book The Mastermind. I did, and the ...
Continue Reading →
In our last post we singled out North Korea as a key source of cyber-war action against the United States and other countries. But they are not the only countries that the US is actively engaged with in cyber-space. On January 29, 2019, Daniel Coats, Director of National Intelligence, released a report to the Senate, titled Worldwide Threat Assessment of ...
A quick Saturday digest of cybersecurity news articles from other sources.If your computer technical support is provided by an outside vendor, you need to know this. We have warned about this problem before.
Earlier this week, an unidentified threat actor managed to launch a ransomware attack resulting in the encryption of between 1,500 to 2,000 endpoint ...
Continue Reading →
Ever feel like there should be a 12-step program for your cybersecurity career? “Hello, I’m Bob and I’m a recovering cybersecurity professional.” Doing the same old “defense in depth” stuff and still the barbarians get onto your network and wreak havoc. Remember the definition of insanity? “Doing the same thing and expecting different results.” As with any 12-step program, the first step would ...
US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs. An MSP provides support principally by using remote monitoring, remote access, and remote control software products. They install a monitoring tool called an “agent,” and a command and control device on the ...
We have been investigating Russian cyber-attacks this week. Today we publish a timeline of Russian cyber-activities. In the interest of space, I am publishing just the timeline with little descriptive content. I have included a download link to a PDF and spreadsheet of the timeline with more detail, and links to sources.
Notice how these cyber attacks started out in 2004 as small, unsophisticated ...
Continue Reading →
Was the election of Donald Trump the result of the successful application of “active measures” by Russia? Did the massive Facebook and Twitter campaigns by the Russians change public opinion enough in the final days of the Presidential campaign to move the needle and help Trump win?
According to Retired KGB Maj. Gen. Oleg Kalugin, former Director of Foreign Intelligence ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.12/13/2018 06:59 PM EST Original release date: December 13, 2018
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin ...
Continue Reading →
In a not too distant future, you may be riding in an autonomous vehicle that is forced to decide between running over a pedestrian or a bicyclist. Or whether to crash into a tree or another automobile. It may make a decision you are not particularly happy with. These decisions will rely on “artificial intelligence” built into these cars. These decisions are being programmed right now by developers of autonomous vehicles. ...