The Mirai and Bashlight botnets have caused quite a stir in the cybersecurity and IT realms. The easy ability to round up and deploy millions of devices in a botnet using automated tools has raised the bar. How we respond to DDoS attacks will have to change.
Nevertheless, you can remove your IoT devices from the bot-net and keep them from being reacquired. Here are some easy solutions:
First, as clever as these exploits ...
Continue Reading →
Naked Security recently reported on a new ransomware exploit that looks like the infamous Windows Blue Screen of Death (BSOD). The tactic this time is to trick you into calling a toll-free number for “support.” This is another variation of the “Fake Tech Support” scam that we have written about numerous times.
The lock screen feature is similar ...
Continue Reading →So what is this guy doing wrong? His stance has Darwin Awards written all over it. May not kill him, but will definitely take him out of the gene pool.
As a chainsaw owner who has a nifty chainsaw scar below my left knee, I have come to appreciate the importance chainsaw safety and proper usage.
I was tempted to post this article late in October, when Brian Krebs suffered with the DDoS attack on his website, or when the Mirai botnet attack on DynDNS was in full swing, but decided to wait it out until after the election, in case it turns out that the Dyn attack was a precursor to an attack to disrupt the elections. And as of today, it appears that it was ...
Naked Security recently reported on the raid on a call center outside of Mumbai India that was engaged in defrauding US taxpayers of over $15 million dollars by pretending to be IRS collection agents. 70 people were arrested and over 600 call center operators remain under investigation. While this is good news, this scam was very successful and is likely to pop up again. We are reporting on it ...
I don’t like to get political in this web log, but since the mainstream parties have given us what is possibly the worst two choices in Presidential candidates since the Revolution, may I suggest voting Libertarian? You can check out their platform from the link.Tuesday we get to vote for president again. Worried about the security of electronic voting machines? You are not alone, but you would not find any political or election officials in your group. They think everything is fine! The fact that your next president may be elected by the Russian Cyber Army is OK, I guess. So that means Trump.
Here’s a little humor to make the nightmare seems more acceptable.
Continue Reading →
On of the more hopeful presentations from the Cyber Security Summit was presented by Tony Sager from the Center for Internet Security. Titled “Making Best Practices Common Practices: The CIS Controls,” Tony provided us with a road map for implementing secure practices in our networks.
There are 20 CIS controls. Tony said that implementing the first 5 (20%) would reduce your risk by 80%. ...
Continue Reading →
On Monday we looked at the some of the primary attack vectors used by cyber-criminals. Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit. Many of these are significant twists on old exploits, or more sophisticated exploits.
Hey, when I spend several hundred dollars and two days of my time to attend a cybersecurity conference, a guy like me hopes he can milk a few blog articles out of it. Here is the third (so far.)
Most of these nuggets came from a keynote titled “2016 Cyber Attacks By The Numbers” presented by Kevin Thompson, a former CIA analyst and now a threat analysis for the cybersecurity firm FireEye. Very eye-opening.