A quick Saturday digest of cybersecurity news articles from other sources.
3 things you might not know about modern ransomware and how Nefilim makes money
Trend Micro case study explains how the new business model works and how the multistep attacks unfold. A must read.
How could the FBI recover BTC from Colonial’s ransomware payment?
But Bitcoins are anonymous! However could they get refunded?
“Face of Anonymous” suspect deported from Mexico to face US hacking charges
After nearly a decade as a US expat dubbed “The Face of Anoynmous”, he’s back in the US facing cybercrime charges from almost a decade ago.
CISA Addresses the Rise in Ransomware Targeting Operational Technology Assets
Original release date: June 9, 2021
CISA has published the Rising Ransomware Threat to OT Assets fact sheet in response to the recent increase in ransomware attacks targeting operational technology (OT) assets and control systems. The guidance:
- provides steps to prepare for, mitigate against, and respond to attacks;
- details how the dependencies between an entity’s IT and OT systems can provide a path for attackers; and
- explains how to reduce the risk of severe business degradation if affected by ransomware.
CISA encourages critical infrastructure (CI) owners and operators to review the Rising Ransomware Threat to OT Assets fact sheet as well as CISA’s Ransomware webpage to help them in reducing their CI entity’s vulnerability to ransomware.
ALPACA – the wacky TLS security vulnerability with a funky name
Don’t panic – this isn’t another Heartbleed. But it’s a fascinating reminder of why doing things the easy way isn’t always the best way.
TLS, short for Transport Layer Security, is an important part of online cybersecurity these days.
TLS is the data protection protocol that puts the padlock in your browser’s address bar, keeps your email encrypted while it’s being sent (probably), and prevents cybercrooks from casually substituting the software you download with malware and other nasties. More…
Senior Internet Safety
Since June is Internet Safety Month, our team created an educational guide highlighting information on the basics of internet and online safety tips for seniors. I have included it below and thought you may be interested in reading more about it.
The internet has become an essential part for many older Americans, as it helps them stay connected with family, friends, and community services. However, technology is becoming more advanced each year and the lack of web accessibility has made it difficult for seniors to navigate the internet. With online scammers also targeting older individuals, it’s more important than ever to provide assistance and awareness on these issues.
Our guide includes:
- Helpful PDF on Internet Education
- Printable Scam Prevention Checklist and Learning Tips for Beginners
- Detailed Infographic on Online Services for Seniors
Amazon Sidewalk starts sharing your WiFi tomorrow, thanks
Amazon Sidewalk is the latest example of a multibillion-dollar company changing its users’ preferences without meaningful notification. Read on and learn what’s happening and how to opt out.
What is Incognito mode? Our private browsing 101
We look at private browsing and Incognito mode. What do they do, how do you turn them on, and what are they good at? While private browsing is handy, it can’t replace a good VPN. Here’s why.
What is encryption? And why it matters in a VPN
Encryption hides the content of Internet traffic from unauthorized readers. We look at the different types of encryption, how they’re used by VPNs, and how to tell if your chosen VPN is up to par.
Work 2021: Say goodbye to yesterday’s work habits
If you expect everything to return to “normal” with work soon, you really need to get up to speed. Your employees don’t simply want to return to the office. They are not—I repeat, not—coming back. According to physical security company Kastle, only 28% of US office workers are back at their buildings so far this year. And many of the rest of them have made it pretty clear in surveys that they’ll quit if you try to force them back into their old office cubicle. More...
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com