If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.
Veteran’s day is a remembrance of all U.S. military veterans – past and present. It is celebrated every November 11th, and has been a federal holiday since 1926.
10/31/2017 08:14 AM EDT Original release date: October 31, 2017
Building resilience in critical infrastructure ...Continue Reading →
Cybersecurity researchers at Armis Labs have released information about a new attack vector called BlueBorne. This exploit has the potential to put millions of devices running Windows, Linux, Android or iOS operating systems at risk.
This exploit allows attackers to connect over the Bluetooth radio system with having to first pair the two Bluetooth enabled devices. Once installed, the attacker has full control of ...Continue Reading →
We haven’t looked at the sorry state of hotel security for a while, but we have done articles on hotel locks, and hotel business center computers before. The Naked Security blog recently published a story about the Russian hacker collective known as Fancy Bear, and their involvement in the use of the leaked NSA exploit Eternal ...Continue Reading →
The SANS institute released the results of a new survey recently, and found that cybersecurity professionals ranked phishing as the number one exploit this year. Phishing awareness training programs were seen by many as the best defense against phishing, spearphishing and whaling exploits. Something that was new this year was the reporting of so-called “malware-less” exploits that use “the built-in features of the operating system to turn it against itself without downloading ...Continue Reading →
Sophos Naked Security alerted us to two Android apps that are included in the Google Play Store as legitimate apps. This makes these apps particularly dangerous, if you are following our advice to only install apps from legitimate sources. Once installed, they download a plug-in that harvests your text messages and sends them to a web server. Since the plug-in is downloaded after ...Continue Reading →
On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker. Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.
They have already proven that you are susceptible to phishing and other social engineering exploits. So sending the victim other phishing emails that allow more access ...Continue Reading →
What if there was a new phishing scam that had an open rate of 90%. That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.
These attacks begin with the scammer researching the target victim. These targets usually work at companies where there is a lot of air travel. ...Continue Reading →
Everything you can think of and many things you have never dreamed of are being manufactured with little Linux operating systems and wireless Internet connections. Or in simpler terms, a brain, storage, and communications ability. This is the Internet of Things (IoT). Lots and lots of “smart” devices talking to each other and phoning home to some data collection or dissemination point. If only the people who are designing these devices, ...Continue Reading →
I read an interesting article on Naked Security the other day about how Hamas had used Facebook and social engineering tactics to trick Israeli soldiers into installing surveillance malware. The malware allowed Hamas to track the soldiers using the phone’s GPS, and to turn on the microphone and video to actually listen in and and watch their targets. Hamas undoubtedly picked up the malware ...Continue Reading →