Archive for January, 2017

CEO Fraud Doubleheader

Tuesday, January 31st, 2017

Two instances of CEO fraud were announced yesterday.  One victim was a county in Kansas; the other a hospital. In the first instance, George S. James of Brookhaven, Georgia passed himself off as the CEO of a company requesting payments totaling $566,000 from Sedgwick County, Kansas.  The payment was made, but the county later found out […]

Trending Threat: Internet of Things

Tuesday, January 31st, 2017

By now, people are becoming more familiar with the term IoT, or the Internet of Things, where everything from cars to refrigerators to light bulbs are connected to the Internet.  Just a few months ago, hackers took over IoT devices to perform DDoS attacks against large websites and services.  What does that mean for the future of […]

Trump Executive Order on Cybersecurity

Monday, January 30th, 2017

The Washington Post published a document that appears to be a draft of an executive order from President Donald Trump this past Friday.  The goal of the EC is to review the nation’s cybersecurity. The report, which can be read in full here, assigns a team to be led by the Secretary of Defense with […]

Hang Up Your Phone Immediately if You Hear This…

Monday, January 30th, 2017

The phone rings.  The number isn’t familiar, but the area code is, so you decide to answer the call. You answer: “Hello?” “Can you hear me?” the voice on the other end of the line asks, loud and clear. Don’t answer, because if you do, you could be authorizing charges to your credit card or […]

Rude Trojan Turns Linux Machines into Proxies

Thursday, January 26th, 2017

A new Trojan allows hackers to hide their IP addresses, allowing them to carry out whatever nefarious online deeds they like, by turning Linux machines into proxy servers. Linux.Proxy.10, the name of the Trojan, was discovered in December by cybersecurity firm Doctor Web.  They have since found thousands of infected machines, but they expect to find […]

The Murky Waters of Hacktivism

Thursday, January 26th, 2017

We wrote a post about a form of ransomware called ‘Popcorn Time’ that delivered the encryption key to the original victim if they spread it to two other people. The hackers behind popcorn time explained through the ransomware that they were collecting ransoms because they were Syrian refugees who had lost everything in the Syrian […]

Ransomware on Google Play

Wednesday, January 25th, 2017

Malware slipping through to become available on Google Play, Android’s marketplace, is nothing new.  Now, however, a ransomware has snuck through, and it threatens to do a lot of damage. Named Charger, the ransomware took great pains to avoid detection.  It comes packaged in an app called EnergyRescue and employs a lot of features to […]

Charter’s Terrible Security Advice

Wednesday, January 25th, 2017

“Change your WiFi password and show guests where your loyalty lies! #ThatsMyTeam.”  That was a message from Charter Spectrum’s Twitter account, @GetSpectrum.  Do you see any problem there? Charter is one of the largest TV and internet providers in the country.  Having a message about something topical, like the upcoming Super Bowl, is fine.  Reminding […]

200,000 Vulnerable Servers

Monday, January 23rd, 2017

Do you remember the Heartbleed vulnerability?  It’s been known about for almost three years now, yet there are still nearly 200,000 systems that are vulnerable to it.  Is yours one of them? Heartbleed is a zero day vulnerability found in OpenSSL that allows hackers to read parts of a server’s memory, which can lead to […]

Gmail Scam Even Fooling Experts

Thursday, January 19th, 2017

There’s a new phishing scam going around aimed at stealing your Gmail password.  The scary thing is that even computer security pros are falling for it. Gmail is by far the most popular service for email, clocking in at over a billion active monthly users.  Gmail is popular for a number of reasons, not least […]

Student Faces 10 Years for Keylogger Malware

Monday, January 16th, 2017

Imagine you won a Programmer of the Year Award in high school.  You get into James Madison University.  You get an internship with a government security contractor.  You create a bit of software and make about $100,000 of it.  And then, at 21 years old, you’re facing a ten-year prison sentence. That’s the biography of one […]

US Spec Ops Health Data Breached

Friday, January 13th, 2017

Eleven gigabytes of health data from SOCOM, the US Special Operations Command, was exposed and ripe for hacker pickings.  The vulnerability had to do with an unprotected remote syncing service, stemming from an improperly configured backup by Potomac Healthcare, a military subcontractor. The security breach was discovered by Chris Vickery, a white hat hacker who […]

Protection Money for New Ransomware

Thursday, January 12th, 2017

How many times have you seen a TV show or movie where a couple of tough guys in leather jackets, maybe carrying baseball bats, walk into a diner or mom and pop shop and demand money?  When the owner refuses, they start smashing stuff, and when they’re done they demand protection money to make sure […]

Russian Hackers Shut Down City’s Power

Wednesday, January 11th, 2017

Less than a month ago, a major city lost power for a little more than an hour just after midnight, affecting over 200,000 people.  A cybersecurity firm claims it was very similar to an incident from a year before, and that Russia is very likely behind it. The attack occurred on December 17 of last year […]

FBI Censors Released Documents

Tuesday, January 10th, 2017

You may recall the tiff between Apple and the FBI following the shooting that took place on December 2, 2015 in San Bernardino, California that left 14 people dead and 22 wounded.  The FBI wanted Apple’s help in unlocking the iPhone of Syed Rizwan Farook, one of the shooters, to see what information they could glean […]

Did Russia Invade Vermont?

Tuesday, January 10th, 2017

One way investigators have of identifying the source of computer hacks is by looking at the code.  Last week, malware code connected to cyberattacks the US says were perpetrated by Russia was found in a laptop at an electric company in Vermont. The code was discovered after the Burlington Electric Department received an alert sent out by the […]