Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


IC3 Releases Alert on Gift Card Scams

08/02/2017 10:08 PM EDT Original release date: August 02, 2017

The Internet Crime Complaint Center (IC3) has released an alert warning consumers of music gift card scams. This type of scam targets victims, gains their confidence, and tricks them into providing gift card information.

To stay safer online, review the IC3 alert on Online Scammers Require Payment via Music Application Gift Cards and the US-CERT Tip on Avoiding Social Engineering and Phishing Attacks.

IRS Warns Tax Professionals of New Scam to Steal Passwords

08/07/2017 03:30 PM EDT  Original release date: August 07, 2017

The Internal Revenue Service (IRS), acting in concert with state tax agencies and the tax industry, has issued an IRS Security Summit Alert for tax professionals to beware of a new phishing email scam. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials.

US-CERT encourages users and administrators to review the IRS Alert and US-CERT Security Tip ST04-014.

Microsoft issues out-of-band security updates for Outlook, Office

Naked Security – If you haven’t picked up these updates, now is a good time to do them.

There were a number of out-of-band updates released on July 27. This update applies to vulnerabilities specifically Outlook and Office Click-to-run.  Several of the vulnerability updates prevent remote code executions (RCE) in Outlook 2007, 2010, 2013 and 2016, as well as Office 2010 and 2016 Click-To-Run.

FTC Releases Alert on Government Grant Scams

08/08/2017 08:30 PM EDT  Original release date: August 08, 2017

The Federal Trade Commission (FTC) has released an alert on government grant scams. In these schemes, scammers pose as government officials to get consumers to send them money. Anytime someone asks you to pay money to get money, stop and think twice.

US-CERT encourages consumers to refer to the FTC Alert and the US-CERT Tip on Real-World Warnings Keep You Safe Online for more information.

Watch out for Emotet, the trojan that’s nearly a worm

Emotet arrives as a malicious email attachment and tries to steal your online banking credentials

Self-hosted search option is a new approach to bursting the filter bubble

Tired of being tracked by Google?  Here’s an open-source, self-hosted search aggregator might be a good way both of avoiding being tracked and getting away from the echo chamber


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.