We have written about the dangers of working with “tech support” people who call out of the blue claiming to be from Microsoft or possibly your Internet service provider. Here are a couple of stories about people who turned the tables on these con artists. As a precaution, please remember that attacking these guys back is just as illegal as what they are hoping ...
It was 15 years ago that Osama Bin Laden carried out the most dramatic and successful attack against the United States since the Japanese bombed Pearl Harbor in 1941. The sacrifices made in New York, the Pentagon, and in the air over Shanksville, PA are not to be forgotten.
Solutions seem to be hard to find. Regardless of what side you find yourself on in the larger picture of the continuing hostilities ...
Continue Reading →
On Wednesday we took a look at Facebook scams. But what about LinkedIn? Because of LinkedIn’s professional focus, the scams are a little different, but use many of the same tactics. LinkedIn scams are more likely to draw on information from your professional profile, and tend to be employment or income related. Here they are:
Everybody, it seems, is on Facebook, and the numbers back it up, with over 1 billion members worldwide. So naturally, anytime you get a crowd of people this large, the cyber-criminals are going to be all over it.
Don’t even get me started with the oversharing of personal information. Please stop telling me and the crooks that you will be out of town for a week on a Vegas vacation, and your ...
Continue Reading →
We warned our readers about the FBI alert regarding the Business Email Compromise scam on July 6. Cyber-criminals have successfully bilked US companies of over 3 billion dollars since January 2015. Typically this exploit starts by the attacker gaining knowledge of the CEO’s or other highly placed executive’s user credentials to their email account. This is most often done using a spearphishing email, but could also be ...
Phishing is still the overwhelming go-to choice for cyber-criminals launching an attack. Over 90% of computer system breaches start with a phishing email in an inbox. Finding ways to unmask these impostors is a good first step are protecting yourself from a phishing exploit. Let’s look at this first example, apparently from a law firm about a legal action.
DARPA (Defense Advanced Research Projects Agency) recently held a contest to explore the feasibility of automating the process of finding vulnerabilities on a group of target computers, and automatically fixing the vulnerabilities. Using a game format similar to “capture the flag,” on Aug. 5,at the Paris Las Vegas hotel, seven teams of programmers, hackers and researchers set a cybersecurity milestone.
Here is a short list of applications that I use frequently when undertaking a penetration test of vulnerability scan. I don’t use all of these all the time, but they are probably the most popular tools in the security community. We start with Kali, the Swiss Army knife of exploitation tools. What can’t Kali do? Then we look several stand alone tools for host enumeration, port scanning, packet sniffing, vulnerability detection, ...
Not sure how funny this is. According to