05/31/2017 07:45 PM EDT
(***Watch for our 4 part series on Email Account Hijacking starting Monday***)
The Federal Bureau of Investigation (FBI) has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use of free web-based email accounts; using multi-factor authentication; and updating firewalls, antivirus programs, and spam filters.
US-CERT encourages users and administrators to review the FBI article for more information and refer to US-CERT Tips on Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Attacks.
FBI Internet Crime Complain Center – May 4, 2017
This threat is becoming more serious. We have written several articles about this, and have a 4 part series on this topic coming soon.
From Naked Security.
According to Google, a bug in Broadcom’s wireless firmware could allow a crook within Wi-Fi range to take over Android itself remotely.
by Bruce Schneier, Schneier on Security blog
There’s something going on inside the intelligence communities in at least two countries, and we have no idea what it is.
Consider these three data points. One: someone, probably a country’s intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet.
Two: someone else, or maybe the same someone, is doing the same thing to the CIA.
Three: in March, NSA Deputy Director Richard Ledgett described how the NSA penetrated the computer networks of a Russian intelligence agency and was able to monitor them as they attacked the US State Department in 2014. Even more explicitly, a US ally — my guess is the UK — was not only hacking the Russian intelligence agency’s computers, but also the surveillance cameras inside their building. “They [the US ally] monitored the [Russian] hackers as they maneuvered inside the U.S.systems and as they walked in and out of the workspace, and were able to see faces, the officials said.”
Countries don’t often reveal intelligence capabilities: “sources and methods.” Because it gives their adversaries important information about what to fix, it’s a deliberate decision done with good reason.
And it’s not just the target country who learns from a reveal. When the US announces that it can see through the cameras inside the buildings of Russia’s cyber warriors, other countries immediately check the security of their own cameras. More…