A quick Saturday digest of cybersecurity news articles from other sources.
Microsoft inches closer to commercially-viable quantum computing
Microsoft’s quest to create a powerful quantum computer comes closer to reality with the help of an elementary particle.
Cobalt/Carbanak bank malware gang’s alleged leader arrested
These hackers have made ATMs across Europe spit out cash upon command. This is a fascinating crime spree spanning 5 years, and originally revealed by Brian Krebs. Worth a look.
Tracking protection in Firefox for iOS now on by default – why this matters
Turning it on by default might sound like a mere tweak, but its the first version of the browser to do this without the user having to consciously turn it on.
We have been reporting about the strides Firefox has been making to head to the front of the class regarding privacy and security. This is another great example.
Ongoing Threat of Ransomware
04/09/2018 08:38 PM EDT Original release date: April 09, 2018
NCCIC has observed an increase in ransomware attacks across the world. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.
Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Throughout different ransomware events, NCCIC’s best practices and guidance remain the same:
- create system back-ups
- be wary of opening emails and attachments from unknown or unverified senders
- ensure that systems are updated with the latest patches
NCCIC encourages users and administrators to review its Ransomware page and the U.S. Government Interagency Joint Guidance for further information.
Russia’s Grizzly Steppe gunning for vulnerable routers
Russian Government hackers stand accused of targeting millions of routers
Russian Malicious Cyber Activity
04/16/2018 12:01 PM EDT Original release date: April 16, 2018
The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The U.S. Government refers to malicious cyber activity by the Russian government as GRIZZLY STEPPE.
NCCIC encourages users and administrators to review the GRIZZLY STEPPE – Russian Malicious Cyber Activity page, which links to TA18-106A – Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices, for more information.
TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
04/16/2018 01:25 PM EDT
APR
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com