A quick Saturday digest of cybersecurity news articles from other sources.While reviewing spam traps, a particular campaign piqued Trustwave’s interest primarily because the attachment to the email did not coincide with the theme of the email body. The email, with the Subject “GOOD LOAN OFFER!!”, at ...
Password theft – One of the easiest exploits for a cyber-criminal may be the one of the worst for the victim. The recent SolarWinds disaster (yes it is a disaster, not just hyperbola) began when a Russian cyber-ops group discovered the password to the SolarWinds update server was “protected” by the password SolarWinds123. This password is easily guessable and a terrible choice for a critical system such as an update ...
If the Pandemic wasn’t enough to deal with, we still have to deal with people and their poor password choices.
Three passwords security controls that really make a difference.
Have a Happy Thanksgiving – Be sure to watch the video below.
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: July 16, 2020
This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
Attributing malicious cyber activity that uses network ...
Continue Reading →
A guest post from frequent contributor Siege Media.
Aside from the fact that your grandma is complaining about her shrinking internet, the internet is growing at a pace that’s pretty hard to even imagine–approximately 576,000 new websites per day, with each site being a potential ...
Continue Reading →
Phishing Email AlertsCatch of the Day: Wells Fargo Identity Theft Phish – A trifecta – bank account, personal information, and a credit card. On the Dark Web this is called a Fullz.
Chef’s Special: Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.The Wordfence Threat Intelligence Team just published details of an attack harvesting database credentials, targeting over 1 million WordPress sites. For 24 hours, attacks from this campaign accounted for 75% of all exploit attempts on plugins and themes across all of WordPress.
Both the free and paid versions ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Does all this COVID-19 related ruling by Executive Order give you the Constitutional willies? Well, the Legislative Branch is doing its best to keep pace in the race to see which branch of the government can violate our rights the most. The government can keep on surveilling your online ...
Continue Reading →
If you use Google for anything (and who doesn’t), it is a good idea to periodically check your your Google account security settings. If you have an Android phone, then there is a Gmail account attached to the phone, whether you use it or not. This account is tied to the GPS location history generated by your phone. It is also attached to Google Calendar, Google Contacts, Google Photos, any ...
