Back on March 1 2019, I reported that Russia was planning to disconnect itself from the Internet. On November 1, 2019, the Russian Federation decreed that all Russian ISPs are required to route Internet traffic through special gateway routers run by Russian communications regulator Roskomnadzo.
The stated goal is to protect Russia from major cyber-attacks from bad actors or other nation-state run cyber operations. ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: October 17, 2019
Personal note: Windows 7 has been, and may always be, my favorite operating system of all time. I have come to respect Windows 10, and of course I use it every day, but I have ...
Continue Reading →
A guest post by Maxwell Donovan
Editor’s comment: I spend a lot of time writing about cyber-crime. This article reminds us that there are other very physical and personal crimes that we need to guard against as well.
They say that crime doesn’t pay, but in the end, does it? You are at risk from crime when you’re running a business. This could include an ...
Continue Reading →
When I am speaking or training, and the subject turns to penetration testing, I make certain to explain to the class or audience that nearly everything a pen-tester does violates federal laws. For starters, there is the Computer Fraud and Abuse Act. There are many other computer laws at both the federal and state levels.
Penetration testing takes a vulnerability assessment to the next ...
Continue Reading →
One of my clients was the victim of a cyber-crime, and I reported it to the FBI’s Internet Crime Complaint Center. Today I will discuss how the process worked.
My client called me to help her after someone posing as her intercepted a payment on an invoice that she sent to one of her customers. The way this worked is that some time in the past, her business email account had been ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: September 8, 2019
U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: September 4, 2019
The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise ...
Continue Reading →
Law enforcement agencies never stop complaining about how hard their jobs are. The crooks are using technology in criminal activities, and hiding themselves on the Internet using anonymizing proxies such as TOR, and VPNs. And how it would be so much easier if they just could have a convenient “backdoor” to break encrypted messages. The truth of the matter is that ...
Paul Calder Le Roux, a brilliant South African software programmer who ran the most successful and largely legal opioid marketing networks called RX Limited, and morphed into running a huge illegal international drugs and arms dealing empire that has ever been seen. Since his arrest in 2012, he has been spending time in the custody of the DEA, ratting ...
Hot on the heals on each other, Equifax and Facebook have each settled for large fines in unrelated privacy and data breach cases. All I can say is “about time” and “is that all?”
The FTC has fined Facebook $5 billion for data misuse and other issues related to Cambridge Analytica, the European GDPR, the last US Presidential Elections, and the Brexit campaign. This ...
Continue Reading →