A quick Saturday digest of cybersecurity news articles from other sources.
CISA Releases Telework Essentials Toolkit
Original release date: September 30, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive security considerations appropriate for their role:
- Actions for executive leaders that drive cybersecurity strategy, investment and culture
- Actions for IT professionals that develop security awareness and vigilance
- Actions for teleworkers to develop their home network security awareness and vigilance
The Best VPN Services for 2020
Using a VPN is a secure way for Internet users to protect their privacy and using a Virtual Private Network, or VPN, is one of the most secure ways for Internet users to protect their privacy and information against attacks. VPNs enable users to safely share files and access home or business networks from anywhere; avoid government surveillance, stream content, and more.
There are many VPNs to choose from — to help you find the one that’s best for you, we spent over 20 hours researching 45+ VPN services to arrive at our top picks.
Trump vs. Biden on Cybersecurity, Encryption, and Data Privacy
You probably won’t see any campaign commercials on these topics, but they will impact how the United States and the world operates after the 2020 presidential election. This is a rapid read on where President Trump and former Vice President Biden stand on cybersecurity, encryption, internet governance, and privacy. Where are we getting this information? In every presidential election since 2008, the non-partisan Information Technology and Innovation Foundation (ITIF) has examined the two major candidates’ positions on a host of issues. So that is the source of our data. The ITIF report breaks down cybersecurity to a few salient bullet points on each side. Here they are… Read more
Attacks Aimed at Disrupting the Trickbot Botnet
Krebsonsecurity.com – Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.
A text snippet from one of the bogus Trickbot configuration updates. Source: Intel 471
On Sept. 22, someone pushed out a new configuration file to Windows computers currently infected with Trickbot. The crooks running the Trickbot botnet typically use these config files to pass new instructions to their fleet of infected PCs, such as the Internet address where hacked systems should download new updates to the malware.
But the new configuration file pushed on Sept. 22 told all systems infected with Trickbot that their new malware control server had the address 127.0.0.1, which is a “localhost” address that is not reachable over the public Internet, according to an analysis by cyber intelligence firm Intel 471. Read entire story…
Cybersecurity Awareness Month: Train employees to be first line of defense
This October looks quite different from previous years, as IT oversees staff who are no longer centrally located, creating a larger attack surface for bad actors. Awareness is key, experts say.
Protecting Seniors From Online Scams
A challenge for senior citizens who embrace the computer age is knowing how to avoid online fraud. Although people of all ages are at risk, statistics show that when it comes to online safety, seniors are more vulnerable. In fact, according to the Department of Homeland Security, “seniors are defrauded at twice the rate of the rest of the population.” Yes, there are swindlers out there — based in another country or maybe even in your neighborhood — who want to steal from you or your loved ones. But there are also reliable ways to spot a scam and steer clear of fraud. Here, we explain common scam types and show you how to safeguard your valuables, savings and online information. Full story…
How rogue TikTok accounts are promoting malicious mobile apps
The accounts are pushing games, wallpaper, and other apps designed to deploy adware scams toward iOS and Android users, says Avast.
AA20-266A: LokiBot Malware
Original release date: September 22, 2020
Summary
This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions by the Multi-State Information Sharing & Analysis Center (MS-ISAC).
CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020. Throughout this period, CISA’s EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks, has detected persistent malicious LokiBot activity. LokiBot uses a credential- and information-stealing malware, often sent as a malicious attachment and known for being simple, yet effective, making it an attractive tool for a broad range of cyber actors across a wide variety of data compromise use cases. More…
Share
OCT
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com