Trusted Sources for Threat Intelligence and Cybersecurity Information

Just how in the heck does a cybersecurity professional stay on top of the rapidly evolving threat landscape, the ever changing attacks and exploits, and new security solutions? I can assure you it involves a lot of reading.

Last month the Twin Cities chapter of (ISC)2 held a meeting on the topic of trusted sources for threat intelligence.  It seemed like a great topic idea, so I decided to share my list ...

Continue Reading →
0

What The Heck Is A Zero-Day?

What is a “zero-day,” exactly?   In information security, occasionally there is a brand new cybersecurity vulnerability or exploit in the news, and the reporter calls it a “zero-day” exploit.  What are they talking about.  This is a concept similar to “patient zero” in medical epidemiology. This is where the bad thing started to happen.

A zero-day vulnerability is a flaw ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Detecting Credit Card Skimmers

Modern credit card skimmers hidden in self-service gas pumps communicate via Bluetooth. There’s now an app that can detect them:

The team from the University of California San Diego, who worked with other computer scientists from the University of Illinois, developed an app called Bluetana which ...

Continue Reading →
0

Android OS Set Top Boxes Target of Botnet

A new botnet known as “Ares” is targeting misconfigured set top boxes that run the light-weight Android OS.  Two older botnets, Fbot and Trinity, are also targeting this misconfiguration.  A module, the Android Debug Bridge (ADB), is the specific vulnerability, and it should not be available at all.  The debug bridge is used by software developers during code writing to check for flaws, ...

Continue Reading →
0

Hack Turns iPhones and Android phones into Ultimate Surveillance Tool

If you visited certain websites with your iPhone (or Android or Windows device**) over the last two years, it is possible that your iPhone downloaded and installed malware that allowed attackers to intercept and record everything you did and everywhere you went with your iPhone.  This includes real-time location information, all your emails and messaging (including encrypted versions such ...

Continue Reading →
0

Many Popular Printers Provide Easy Attack Surfaces

Printers seems to be simple devices that we use to convert information into a physical form, usually text on paper.  But all printers are really small special purpose computers.  They have processors, RAM memory, and storage in the form of solid state chips or entire hard drives.  The operating system is often some form of Linux.  They usually can be accessed and configured ...

Continue Reading →
0

Guest Post – Have an Android Smartphone? Beware of Agent Smith

Another guest post by Tony Chiappetta of CHIPS

Agent Smith is frightening Google Android users around the world. This malware has replaced legitimate apps with malicious versions on 25 million Android devices. Here is what you need to know.

Around 25 million Google Android devices have been infected with a new variant of mobile malware. Once ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


U.S. Cyber Command Shares 11 New Malware Samples

Original release date: September 8, 2019

U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


September is National Preparedness Month: Be Prepared, Not Scared

Original release date: August 28, 2019

National Preparedness Month (NPM) promotes family and community disaster and emergency planning. This year’s theme is “Prepared, Not Scared.”

Although most people understand that being prepared is essential to getting through an emergency such as a natural disaster, there is less awareness about the ...

Continue Reading →
0

Remote Desktop Protocol is Still a Top Attack Vector

Phishing for login credentials may still be the way most network breaches happen, but insecure use of remote desktop protocol is another favorite vulnerability used by attackers to enter a network..  Sophos Naked Security reported their findings on the use of RDP or the Remote Desktop Protocol as a launch vector for accessing and compromising ...

Continue Reading →
0
Page 1 of 12 12345...»