Original release date: October 17, 2019
Personal note: Windows 7 has been, and may always be, my favorite operating system of all time. I have come to respect Windows 10, and of course I use it every day, but I have never loved it the way I loved 7. Gonna miss you babe. Don’t tell anyone that I still have you running in the lab.
On January 14, 2020, Microsoft will end extended support for their Windows 7 and Windows Server 2008 R2 operating systems. After this date, these products will no longer receive free technical support, or software and security updates. Organizations that have regulatory obligations may find that they are unable to satisfy compliance requirements while running Windows 7 and Windows Server 2008 R2.
Bad guys are now capitalizing on the benefits election/enrollment season and the yearly pay raise process which usually gets effective Jan 1st. These criminals are still improving their game, these benefits and pay-themed phishing emails are not quite as convincing as the recent tax-themed phishing attacks.
Original release date: November 8, 2019
As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. Cyber actors may send emails and ecards containing malicious links or attachments infected with malware or may send spoofed emails requesting support for fraudulent charities or causes.
CISA encourages users to remain vigilant and take the following precautions:
- Avoid clicking on links in unsolicited emails and be wary of email attachments (see Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams).
- Use caution when shopping online (see Shopping Safely Online).
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
Original release date: November 1, 2019
November is National Critical Infrastructure Security and Resilience Month. The Nation’s critical infrastructure (CI) relies on a highly interdependent environment, in which physical and cyber systems converge. CI plays a vital role in keeping our Nation and communities safe and secure. Everyone is involved in the mission to protect CI and can help by using cybersecurity best practices, reporting cybersecurity incidents and phishing attempts, and submitting malware for review.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical infrastructure owners and operators to download the Critical Infrastructure Security and Resilience Month Toolkit and to visit CISA’s Critical Infrastructure Security and Resilience Month resource page throughout November for information and updates.
Which sort of company is most likely to contact you via SMS? Why, your mobile phone provider, of course!
The Darknet server running the site, “Welcome to Video”, and the website’s convicted admin were tracked down by a global police force.
IT workers have been storing files on their computers’ hard drives. One councilman’s alleged response: “That can’t be right? That’s real?”
Hundreds of fake domains have been set up against some of the presidential candidates through typo-squatting, according to a report from digital risk company Digital Shadows.
This disturbing find by a CERT researcher demonstrates how attackers can encode malicious files within a Virtual Hard Disk (VHD) image that acts in the same way as a ZIP archive.