Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Tell Congress to Restore Full Net Neutrality Protections

From the Electric Frontier Foundation (EFF).  Do you  like what has happened to your cable and Internet service?  In December 2017, the FCC voted to roll back the 2015 Open Internet Order, giving Internet service providers (ISPs) free reign to engage in unfair and discriminatory data practices. That decision did not end the fight for net neutrality, and now we have a chance to enshrine protections in a way the FCC cannot so easily dispense with. Tell your representatives to stand up for real net neutrality!

What comes after air gaps? DARPA asks world for ideas

According to DARPA, air gapping computers and data is a security idea that has run its course and urgently needs to be replaced.

Get-rich-quick social media scams are turning teens into money mules

Young people are being talked into handing over their bank details with the promise of some easy cash.

Today I Was Attacked Through An Existing Vendor Using A Real Email Thread

We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file back which we upload into the voice mail console.

So, this morning at 5 am I received an email from that vendor with an attached zip file, suggesting that was a new wave file for upload. While I have my first espresso waking up, I use an iPad Pro to handle my email and forwarded to my tech team at KnowBe4. I never looked at the Zip file. I should have known better and use the Phish Alert button instead.

Police demands Waze stop pinpointing their checkpoints

Waze users are helping intoxicated drivers to evade checkpoints and could thus be “engaging in criminal conduct,” say police.

What does ‘consent to tracking’ really mean?

So gotta read this!  What happens when you click “agree” on that terms of service? The answer will surprise you.

What’s behind this 1,000-character phishing URL?

New trick in phishing.  Bleeping Computer learned of a strange phishing campaign which uses an unusually long URL – but why?  Simply to confuse you.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.