Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Extortion Phish: Your Password is XXXX

One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin.  This seems to be getting a lot of traction, so beware.  Do not pay the extortion demand. First, this is a scam.  They got your password from one of the hundreds of breaches we have had in the last several years.  Check your email address on haveibeenpwned.com to see where yours came from. Second, these are criminals, and you cannot trust them to keep their word, and if you pay them once, they will be back for more.  Read these articles for details.


New Bluetooth Vulnerability

A “Bluetooth snooping” bug, dubbed CVE-2018-5383, was just announced – are you patched, and how can you tell?


Mini-glossary: Cryptocurrency terms you need to know

Confused by all the lingo surrounding cryptocurrencies like Bitcoin and Etherium? If so, you’re not alone. Here are the essential cryptocurrency terms you should know.


Optimizing Wordfence Security Settings: Brute Force Protection

A great tutorial if you are using Wordfence to protect your WordPress website.


Your smartphone can watch you if it wants to, study finds

Internet users have grown used to the idea that they can be tracked and profiled as they browse the web, but what about the specific risks of smartphones?


Raspberry Pi gets its own app store with latest OS update

The latest release of the official Raspbian OS will make it easier to find the best software for the credit card-sized board.


4 ways smishing scams can get your money or info

Cybercriminals have found a way to strip digital device users of their personal data, using a tool called “smishing.”  Smishing scams compromise the target’s cell phone through texts or SMS messages, then swipe the target’s personal data once the user clicks on the text link.  Learn more about how you could be targeted through smishing.


IC3 Warns of Business Email Compromise Scams

07/13/2018 06:41 PM EDT  Original release date: July 13, 2018

The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.