A quick Saturday digest of cybersecurity news articles from other sources.
The Ransomware Victim that Hacked Back and Got the Keys to the Kingdom
The idea of hacking back against those who hack you has been called a lot of things. The terms “goofy idea” and “illegal” are some we’ve heard. But for a ransomware victim in Germany, you can add the words “sweet revenge.” And not just for him, but for all of cybersecuritydom. Tobias Frömel paid an approximately $700 ransom in Bitcoin and then hacked back into the attacker’s command and control server. He then grabbed and released thousands of keys to decrypt the Mushtik ransomware which has been hitting victims since late September 2019.
Cyber Criminals Use Social Engineering and Technical Attacks to Circumvent Multi-Factor Authentication
The FBI has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks. This PIN explains these methods and offers mitigation strategies for organizations and entities using multi-factor authentication in their security efforts. Multi-factor authentication continues to be a strong and effective security measure to protect online accounts, as long as users take precautions to ensure they do not fall victim to these attacks.
Most Americans don’t have a clue what https:// means
…and wouldn’t know 2FA from a hole in the ground, according to Pew Research.
What Will Humans Eat on Mars?
Planetary scientist Kevin Cannon talks about the logistics of feeding a population of one million on the Red Planet.
Hacking 2020 voting systems is a ‘piece of cake’
Whose gonna win the next election? The guy with the best hackers. “A piece of cake” is how Senator Wyden described the results of DefCon’s Voting Village, where all of 100 voting systems were easily picked apart by hackers.
Darknet hosting provider in underground NATO bunker busted
Police overcame not only digital defenses of the “bulletproof” provider CyberBunker but also barbed wire fences and surveillance cams.
DNS amplification attacks increase by 1,000% since 2018
Researchers from cybersecurity firm Nexusguard said they saw a 1000% increase in DNS amplification attacks in the last three months. In their “Q2 2019 Threat Report”, Nexusguard analysts Tony Miu, Ricky Yeung and Dominic Li attributed the huge spike in attacks to the widespread adoption of Domain Name System Security Extensions (DNSSEC).
Share
NOV
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com