A quick Saturday digest of cybersecurity news articles from other sources.
The top 3 cryptocurrency scams of 2021
Kaspersky says that fake exchanges, fake mining hardware and wallet phishing are the most popular crypto scams of the year, many of which it said have a higher-than-usual level of detail.
Something to think about as you are trying to force your employees to come back to the office. The insider threat.
Original release date: August 21, 2021
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.
To avoid becoming victims of malicious activity, users and administrators should review the following resources and take preventative measures.
- Staying Alert to Disaster-related Scams
- Before Giving to a Charity
- Staying Safe on Social Networking Sites
- Avoiding Social Engineering and Phishing Attacks
- Using Caution with Email Attachments
If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) at www.ic3.gov.
Online Safety and Kids
It’s hard to believe that fall is right around the corner. And for those of you with kids, back to school time is here. Along with preparing the kids with fresh school supplies and new clothes, it’s a good time to review with kids safety on the Internet.
There are several resources available but the top tips that stood out to me are:
- Keep information Private – no sharing passwords, personal information like address and phone number, inappropriate images, and gossip
- Be Polite and Report Misbehavior – emphasis using appropriate behavior and standing up for others who may be bullied
- Think Before You Post – what is put out on the the internet can follow up for your whole life and is not easily erased
For more resources, please check out the following links:
What I should Teach my Kids about Safe Online Behavior?
Online Safety for Pre-teens
FTC on Cyberbulling
A History of Ransomware
The post A History of Ransomware appeared first on CHIPS
Ransomware is a type of malware in which the perpetrator threatens to commit a malicious act unless the victim pays a ransom. The simplest type of ransomware appears to lock the target system, although a person with reasonable knowledge of computers can usually resolve the problem without paying the ransom.
However, the most sophisticated ransomware attacks encrypt the victim’s data in a way that’s impractical to decrypt, meaning the cost of decrypting the data without the decryption key is greater than the ransom. Modern ransomware typically requires payment in the form of a digital currency such as Bitcoin, making it difficult to trace the payment and prosecute the perpetrator. More…
Trend Micro’s Linux Threat Report identifies the most vulnerable distributions and biggest security headaches
Analysts reviewed 13 million security incidents and found that end-of-life versions of Linux distributions were at the biggest risk….
Trend Micro detection data from the Linux Threat Report 2021 1H shows the top four Linux distributions where the top threat types were found:
- CentOS Linux: 51%
- CloudLinux Server: 31%
- Ubuntu Server: 10%
- Red Hat Enterprise Linux: 3%
Trend Micro analyzed more than 13 million security events to identify the top 10 malware families and most common threat types. The top five threat types affecting Linux servers from Jan. 1 to June 30 were:
- Coin Miners: 25%
- Web shells: 20%
- Ransomware: 12%
- Trojans: 10%
- Others: 3%
About 40% of the detections came from the U.S., followed by Thailand and Singapore with 19% and 14%. More….
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com