WyzGuys Tech Talk

A quick Saturday digest of cybersecurity news articles from other sources.

Ransomware attack forces 2-day shutdown of natural gas pipeline

The US Department of Homeland Security (DHS) on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days.

Crypto AG Fallout: Cyber Rivals Call the U.S. an ‘Empire of Hackers’

America’s cyber adversaries are having a field day right now, calling the United States hypocritical on cybersecurity.

This comes in the week following a cyber intelligence bombshell about Crypto AG, which was the world’s leading cryptography company for decades, helping governments around the globe encrypt their communications.

Now we know that the Swiss company was owned by German intelligence and the U.S. CIA.

Phishing Scam: Cybercriminals Impersonate Bank CEO’s Wife to Get Millions

It started with a phishing attack. Cybercriminals posed as the wife of bank CEO Jacinto Rodrigues using a spoofed email address that apparently looked legitimate. The hackers wrote as Mrs. Rodrigues, needing to move money from the couple’s personal accounts to accounts in Singapore. They sent 13 fake emails in all, and the bank transferred more than $2 million before employees uncovered… Read more

Russia’s War On Encryption Stumbles Forth With Ban Of Tutanota

from the what-are-you-so-afraid-of dept

The Russian government continues to escalate its war on encrypted services and VPNs. For years now, Putin’s government has slowly but surely taken steps to effectively outlaw secure communications, framing the restrictions as essential for national security, with the real goal of making it harder than ever for Russian citizens to dodge the Putin government’s ever-expanding surveillance… (full story)

The Amazon Prime phishing attack that wasn’t…

A big word of warning to owners of WordPress web sites.  You can be hijacked to be part of a scam like this one.  When we followed the phishing trail, we found ourselves at a web page we weren’t expecting…

Ring makes 2FA mandatory to keep hackers out of your doorbell account

Good news on the IoT security front.  Amazon is following Google’s lead by forcing all users to use two-factor authentication when logging into their Ring accounts.

WordPress plugin hole could have allowed attackers to wipe websites

A WordPress plugin with over 100,000 active installations had a bug that could have allowed unauthorised attackers to wipe its users’ blogs clean, it emerged this week.

GAO Says TSA Has No Idea If Its Screeners Are Up To Date On Their Training

from the front-line-defense-composed-entirely-of-benchwarmer-grade-personnel dept

Bob says:  I always hated the Patriot Act, because it is a vast intrusion into our constitutional rights, imposed in the days following the 9-11 attacks.  The federalization of airport security inot the TSA was part of that madness.  Is the TSA doing it’s job?  Maybe not.

Here comes more evidence explaining why the TSA sucks at prevention and blows at cures. Presented to voters as a proactive defense against sophisticated terrorism threats, the TSA has become an agency that belatedly reacts to each observed threats — threats normally defused by passengers who don’t work for the government and haven’t received extensive training on anti-terrorism… (full story)