Al-Qaeda Rolls Their Own Encryption

As reported by Bruce Schneier back in May, one of the outcomes of the Snowden revelations is that some people are abandoning open source encryption tools for things they are brewing up on their own.  And while home-brewing may be great for beer, proper cryptography is many orders of magnitude more difficult to make than beer.  Al-Qaeda is one of the organizations reputedly creating three new “NSA-proof” encryption schemes.

Since 2007, Al-Qaeda’s use of encryption technology has been based on ...

Continue Reading →
0

Keyloggers Found on Many Hotel Business Center Computers

Bad news business and vacation travelers, those free computers that are in many hotel business centers have been infected with keylogger malware.  This means that whatever you are typing while sitting at one of these publicly accessible computers is being sent to a cyber-criminal somewhere.  Hopefully you are savvy enough to NOT be doing online banking or checking your brokerage accounts on these systems, but even just checking your email can open you up to having that account hijacked and ...

Continue Reading →
0

It’s Not Just Retail–Oil and Electric Utilities Hacked by Dragonfly

As reported by Symantec on June 30, and covered by the New York Times and SiliconBeat, there is a active exploit running against U.S. and European energy firms using the Dragonfly or Energetic Bear exploit kit.  Similar to Stuxnet, this exploit seeks to gain access and control of the industrial control systems that manage the flow of electricity. oil, and gas.  The article on Symantec is very through and gives a pretty technical readout, as well ...

Continue Reading →
0

Sunday Funnies: New Job Interview Technique–Hack Your Next Employer

As reported in Naked Security, three Georgia Tech students hacked the mobile app ‘Yo,’and then reported their feat to TechCrunch

We can get any Yo user’s phone number (I actually texted the founder, and he called me back). We can spoof Yo’s from any users, and we can spam any user with as many Yo. We could also send any Yo user a push notification with any text we want (though we decided not to do ...

Continue Reading →
0

CryptoWall and CryptoLocker–How to Defend Against Ransomware

In my last post I covered the nature of the crypto-ransomware exploit.  In this article we will discuss things you can do to help defend against this attack.

Avoidance

The best solution for preventing crypto-ransomware exploits is avoidance.  For this exploit to work, you have to help it happen.  Your risky online behavior makes it possible. 

  • Never open an email attachment unless you know who sent it and are expecting to receive it.  Don’t be afraid to check; it never hurts to ...
Continue Reading →
0

Crypto-Wall and Crypto-Locker Hard to Defeat part 1 of 2

The different variants of crypto-ransomware have become an area of significant concern for information technology professionals.  There has been a decline in their confidence in endpoint protection solutions such as typical Internet security software products.  This decline, from 96% to 59%, shows how serious the crypto-ransomware threat has become for most network administrators.

The variants of this exploit are known as CryptoLocker, CryptoWall, CryptoDefense, Cryptorbit, HowDecrypt, and similar names.  They all work the same way.  Usually the exploit starts with a ...

Continue Reading →
0

Synthetic Identity Theft–Fast Growing Consumer Fraud

Thanks to Deb Vosejpka , who posted this article about synthetic ID theft from the KNX News Radio website.  An interesting read, it explained how synthetic ID theft is different from “true-name” identity theft.  Basically, in classical identity theft, the perpetrator secures your social security number and other personal information and opens accounts in your name, operating for all intents as a second you. 

In synthetic identity theft, a real social security number is married to information of ...

Continue Reading →
0

Paper or Plastic? Shoppers Returning to Cash After Breaches

In Silicon Beat it has been reported that in the aftermath of the high profiles security breaches of major retailers such as Target, PF Chang’s, Neiman Marcus, and Michael’s, many wary shoppers are returning to cash as a more secure form of payment.  A recent survey showed that following a breach, 64% of people responding to the poll said they would be using cash in the future, with millennials being more likely to use cash than other demographic ...

Continue Reading →
0
Page 190 of 232 «...160170180188189190191192...»