Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Ransomware attack forces 2-day shutdown of natural gas pipeline

The US Department of Homeland Security (DHS) on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days.

Crypto AG Fallout: Cyber Rivals Call the U.S. an ‘Empire of Hackers’

America’s cyber adversaries are having a field day right now, calling the United States hypocritical on cybersecurity.

This comes in the week following a cyber intelligence bombshell about Crypto AG, which was the world’s leading cryptography company for decades, helping governments around the globe encrypt their communications.

Now we know that the Swiss company was owned by German intelligence and the U.S. CIA.

Phishing Scam: Cybercriminals Impersonate Bank CEO’s Wife to Get Millions

It started with a phishing attack. Cybercriminals posed as the wife of bank CEO Jacinto Rodrigues using a spoofed email address that apparently looked legitimate. The hackers wrote as Mrs. Rodrigues, needing to move money from the couple’s personal accounts to accounts in Singapore. They sent 13 fake emails in all, and the bank transferred more than $2 million before employees uncovered… Read more

Russia’s War On Encryption Stumbles Forth With Ban Of Tutanota

from the what-are-you-so-afraid-of dept

The Russian government continues to escalate its war on encrypted services and VPNs. For years now, Putin’s government has slowly but surely taken steps to effectively outlaw secure communications, framing the restrictions as essential for national security, with the real goal of making it harder than ever for Russian citizens to dodge the Putin government’s ever-expanding surveillance… (full story)

The Amazon Prime phishing attack that wasn’t…

A big word of warning to owners of WordPress web sites.  You can be hijacked to be part of a scam like this one.  When we followed the phishing trail, we found ourselves at a web page we weren’t expecting…

Ring makes 2FA mandatory to keep hackers out of your doorbell account

Good news on the IoT security front.  Amazon is following Google’s lead by forcing all users to use two-factor authentication when logging into their Ring accounts.

WordPress plugin hole could have allowed attackers to wipe websites

A WordPress plugin with over 100,000 active installations had a bug that could have allowed unauthorised attackers to wipe its users’ blogs clean, it emerged this week.

GAO Says TSA Has No Idea If Its Screeners Are Up To Date On Their Training

from the front-line-defense-composed-entirely-of-benchwarmer-grade-personnel dept

Bob says:  I always hated the Patriot Act, because it is a vast intrusion into our constitutional rights, imposed in the days following the 9-11 attacks.  The federalization of airport security inot the TSA was part of that madness.  Is the TSA doing it’s job?  Maybe not.

Here comes more evidence explaining why the TSA sucks at prevention and blows at cures. Presented to voters as a proactive defense against sophisticated terrorism threats, the TSA has become an agency that belatedly reacts to each observed threats — threats normally defused by passengers who don’t work for the government and haven’t received extensive training on anti-terrorism… (full story)



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.