FBI Warning: Multi-Factor Authentication Is Being Defeated

The FBI has now warned that it “has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks.” … But according to the FBI, this use of secondary tokens or one-time codes to back-up usernames and passwords still isn’t enough. Unless companies employ “biometrics or behavioral information—such as time of day, geolocation, or IP address,” there is a risk that an attack can either trick a user into disclosing a multi-factor authentication code or use technical interception to create one for themselves. …

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

What additional security measures do you use?Join the conversation on our Facebook Page!

How The U.S. Hacked ISIS

In August 2015, the NSA and U.S. Cyber Command, the military’s main cyber arm, were at a crossroads about how to respond to a new terrorist group that had burst on the scene with unrivaled ferocity and violence. The one thing on which everyone seemed to agree is that ISIS had found a way to do something other terrorist organizations had not: It had turned the Web into a weapon. ISIS routinely used encrypted apps, social media and splashy online magazines and videos to spread its message, find recruits and launch attacks.  A response to ISIS required a new kind of warfare

NPR.org click the link to read the rest of the story. Our FREE Tools can help!

What surprise you the most about this history?Join the conversation on our Facebook Page!

Ransomware gang uses iTunes zero-day

After discovering evidence of the zero-day, Morphisec reported the issue to Apple, and the OS maker patched it this month. But Michael Gorelik, CTO at MorphiSec, says things aren’t that simple as updating the two Apple apps. Users who used these two apps in the past are also vulnerable.  … Sysadmins must scan workstations for the Bonjour component and remove it by hand, or install the latest iTunes

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you patched this?

Join the conversation on our Facebook Page!

SIM Swapping Is the Biggest Security Threat You Face, and Almost No One Is Trying to Fix It. Here’s Why It Matters

Imagine you try to log into your bank account one day to setup a payment on your mortgage. You realize that something’s wrong when the bank’s website tells you you’ve entered the wrong password. That’s strange, you think as you click the link to “reset your password.”  It’s an easy process, but first, the bank requires that you prove you’re actually you, by sending a simple text message with a six-digit code to the mobile phone number on file. But when you request your code, the text never comes. …

Inc.com click the link to read the rest of the story. Our FREE Tools can help!

Are you using your phone for security authentication?

Join the conversation on our Facebook Page!

Ransomware incident to cost Danish company a whopping $95 million

Demant, one of the world’s largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month.  This marks one of the most significant losses caused by a cyber-security incident outside of the NotPetya ransomware outbreak…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

What would it cost your business, if it took weeks to recover?

Join the conversation on our Facebook Page!

The ultimate smartphone guide to killing spyware and stalkerware

This guide will run through what spyware is, what the warning signs of infection are, and how to remove such pestilence from your mobile devices. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Did you find anything on your smartphone?

Join the conversation on our Facebook Page!

Simjacker attack exploited in the wild to track users for at least two years

Simjack exploits a technology residing on the SIM card, the attack also works independently of the user’s device type.  “We have observed devices from nearly every manufacturer being successfully targeted to retrieve location: Apple, ZTE, Motorola, Samsung, Google, Huawei, and even IoT devices with SIM cards,” researchers said.  The only good news is that the attack doesn’t rely on regular SMS messages…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you suspect that you have been compromised?

Join the conversation on our Facebook Page!

Cybersecurity alert: 34% of vulnerabilities found this year remain unpatched

The overall number of reported vulnerabilities in the first half of 2019 has dropped slightly from last year, but risks remain high

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

How quickly do you patch fixes to these vulnerabilities?

Join the conversation on our Facebook Page!

 

States preparing for ransomware voter assaults

The challenge: lock down the most exposed part of the nation’s election system.  … A ransomware attack in 2020 could prove devastating, preventing voters from registering or poll workers from confirming voter eligibility, officials say.

Cnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you concerned with this threat?

Join the conversation on our Facebook Page!

Ransomware hits hundreds of dentist offices in the US

Hundreds of dental practice offices in the US have had their computers infected with ransomware this week, ZDNet has learned from a source. The incident is another case of a ransomware gang compromising a software provider and using its product to deploy ransomware on customers’ systems.  In this case, the software providers are The Digital Dental Record and PerCSoft…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Was your dentist hit?

Join the conversation on our Facebook Page!

Phishing attacks jump by 21% in latest quarter, says Kaspersky

The number of worldwide phishing attacks detected by Kaspersky hit 129.9 million during the second quarter of 2019, according to a new report from the security vendor.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you been hit this year?

Join the conversation on our Facebook Page!

Ransomware attacks have more than doubled this year

Ransomware attacks have more than doubled this year, as criminals turn to powerful new forms of file-locking malware and additional attack techniques to conduct campaigns that are more lucrative than ever before.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Has your business been hit?

Join the conversation on our Facebook Page!

Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks

The threat actor behind the coordinated ransomware attack against multiple Texas local governments may have gained access to its computer systems via a third-party software provider.  According to NPR, which first reported the development, the attackers want a collective ransom of $2.5 million. So far, there are no indications the amount has been paid.

TheNextWeb.com click the link to read the rest of the story. Our FREE Tools can help!

What would you do, if hit by an attack?Join the conversation on our Facebook Page!

The Evolution of Russia’s Dark Web

Mention the dark web to security experts and their thoughts necessarily turn to its birthplace—Russia. From simple hack-sharing site origins, Russia’s cybercrime ecosystem has grown to rival that of its government.  Ahead of releasing a report on the topic, Charity Wright, formerly with the NSA, and Ariel Ainhoren, Research Team Leader at IntSights, graciously summarized this evolution for us here at the Black Hat conference. …

PCmag.com click the link to read the rest of the story. Our FREE Tools can help!

Have you explored the dark web?

Join the conversation on our Facebook Page!

Ransomware Attack Hits 20+ Local Governments In Texas

The number of local government entities in Texas affected by a ransomware attack is now up to 23. In a release Saturday afternoon, the Texas Department of Information Resources said the local governments reported the attacks Friday morning. The majority of them are smaller local governments. …The DIR said it is continuing to investigate the origin of the attack, but at the moment believes it came from a “single threat actor.”

Kut.org click the link to read the rest of the story. Our FREE Tools can help!

How safe is your local government?Join the conversation on our Facebook Page!

How To Hack Your Brain Into Remembering Everything

Before getting into how to hack your brain into remember information there are a couple of things we have to understand when we talk about our brain.  Neurons combine so that each one helps with many memories at a time, exponentially increasing the brain’s memory storage capacity to something closer to around 2.5 petabytes (or a million gigabytes). For comparison, if your brain worked like a digital video recorder in a television, 2.5 petabytes would be enough to hold three million hours of TV shows. … 

Medium.com click the link to read the rest of the story. Our FREE Tools can help!

Have you tried brain hacking?Join the conversation on our Facebook Page!

New cryptojacking malware uses a sneaky trick to remain hidden

A newly-discovered form of cryptocurrency- mining malware is capable of remaining so well-hidden that researchers investigating it found that it had spread to almost every computer at a company that had become infected. … The Monero-cryptomining campaign was uncovered after Varonis’ security platform spotted suspicious network alerts and abnormal file activity on systems within organisations that had reported unstable applications and network slowdown. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you confident your computers are viruses free?

Join the conversation on our Facebook Page!

Top Windows Defender expert: These are the threats security hasn’t yet solved

More danger lurks around the corner as advanced techniques used by state-backed hackers, for example, to steal information, filter down to financially motivated attackers. This threat applies to the continuing growth of file-less malware, supply-chain attacks, and phishing. “We’re seeing the trend of advanced techniques being used to deliver commodity malware. Once the advanced technique becomes public knowledge…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you confident your computers are viruses free?

Join the conversation on our Facebook Page!

Warshipping: new hack tools shipped to your business

Researchers have described a new technique which could be used by cyber attackers to infiltrate corporate setups — with a little help from your friendly neighborhood delivery workers. … Dubbed warshipping, the technique is the result of the researchers’ investigation into possible infiltration methods through package deliveries to the office mail-room — or an individual victim’s front door. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you found odd electronics in packages to your office?

Join the conversation on our Facebook Page!

Microsoft alert: Hackers using IoT to breach business networks

One of Russia’s elite state-sponsored hacking groups is going after IoT devices as a way to breach corporate networks, from where they pivot to other more high-value targets.  Attacks have been observed in the wild said the Microsoft Threat Intelligence Center…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you secured all your IoT devices?

Join the conversation on our Facebook Page!

How businesses can reduce the financial impact of data breaches

The financial impact of a data breach can devastate companies of all sizes but especially small and mid-sized businesses. The study found that organizations with fewer than 500 employees were hit by losses of more than $2.5 million on average… But there are actions that organizations can take to lessen the financial impact, as outlined in the report. …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

How many of their recommendations have you implemented?

Join the conversation on our Facebook Page!

Capital One’s breach was inevitable

Another day, another massive data breach.  This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company’s credit cards dating back to 2005.  That includes names, addresses, phone numbers, dates of birth, self-reported income and more credit card application data — including over 140,000 Social Security numbers in the U.S., and more than a million in Canada.

TechCrunch.com click the link to read the rest of the story. Our FREE Tools can help!

Should government do more?

Join the conversation on our Facebook Page!

66% of SMBs don’t believe they are vulnerable to cyberattacks

The majority (66%) of business leaders at small to medium-sized businesses (SMBs) don’t believe they will fall victim to a cyberattack… While SMBs don’t think they are at risk, a previous study conducted by the Ponemon Institute for Keeper found otherwise: 67% of SMBs experienced cyberattacks within the past year. … The report found a major gap between the awareness and reality of cyberattacks in SMBs. Only 12% of respondents said they realize how likely an attack is on any size company.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Can you business survive the cost of a data breach?

Join the conversation on our Facebook Page!

Capital One Data Theft – What it means for you

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms.  … That data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers on U.S. consumers…

Krebsonsecurity.com click the link to read the rest of the story. Our FREE Tools can help!

What do you do to protect yourself?

Join the conversation on our Facebook Page!

Ransomware: Why cities are now big targets for cyberattacks – and why it’ll get worse

In an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand... The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month… Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems…  the unfortunate truth is that some organizations still won’t heed the lessons of the recent spate of attacks

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you agree with their decision to pay the ransom?

Join the conversation on our Facebook Page!

Microsoft Warned 10,000 Users Targeted By State-Sponsored Hackers

Microsoft is warning customers that they are being targeted by state-sponsored hackers. Over the last year, the software giant said it had notified 10,000 users that they had been targeted by adversaries working for foreign governments. Some people had also been compromised as a result of these attempts…

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

Has your business been targeted by foreign governments?  Are you sure?

Join the conversation on our Facebook Page!

Email scammers are now cost businesses $301 million monthly

The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) has run an analysis on suspect transactions in the past year and found that US businesses in 2018 wired around $301 million per month to business email compromise (BEC) scammers.  The $301 million in average monthly losses is far higher losses than the FBI’s estimate…

fincen.gov click the link to read the rest of the story. Our FREE Tools can help!

How does your business rank on the list of targets? What are you doing to protect your business?

Join the conversation on our Facebook Page!

Cybersecurity: Do these six things to protect your company online

Of those companies surveyed … over half of companies (53%) reported losses of between 3% and 10% following a cyber-attack or data breach. But the losses can also be much worse: 6% of businesses consulted in the report said they lost between 11% and 25% of revenue as the result of an incident. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How good is your cyber insurance, training and security?

Join the conversation on our Facebook Page!

Israel issues warning of a new type of cyber attack

Israel issued a warning warning of a new type of cyber attack, using artificial intelligence (AI) technology to impersonate senior company executives. In this method, instructions are given to the companies staff members to perform transactions such as money transfer to perform transactions such as money transfers, as well as malicious activity on the company’s network. …

Gadgetsnow.com click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting your office from such attacks?

Join the conversation on our Facebook Page!