cyber attacks

Home/Tag: cyber attacks

“No Boom!”

Recently I spoke on a panel hosted by Valley Forge Military College’s Center for the Advancement of Security Studies (CASS) with three other distinguished gentlemen to discuss our country’s outlook on cyber warfare, terrorism and our country’s defenses. One comment made by yours truly got a bit more attention than I thought it would because to me and my colleagues, it’s an obvious statement, but to clients, media and others that we speak with on regular basis, it’s not as obvious. [...]

This is why we preach ‘Layered Defenses’

As they say in the Intelligence Community, ‘our dear friends’ have shared some rather important news and it’s a big deal because you the human can do a lot to prevent the losses that are being yielded to the profiting cyber criminal groups. Ransomware is on the rise. This may come as a surprise to no one because this seems to match the headlines and murmurings that we in the business world hear all day. However this time your ears [...]

Dialing for Personal Data Dollars

Understanding PII and Why Criminals Want It Series 1 of 6 Layer 8 Security wants our community to be safe with their personal information by playing it smart. Please pass this information along to co-workers, family and neighbors. These recommendations will benefit not only yourself but also your workplace. Cyber criminals want your personal data. It is money to them. Stolen data is bought from and sold to other cyber criminals from the black market. There’s a whole network of [...]

ISP Phishing Scam

The BBC is reporting cyber criminals are targeting users with a fake pop-up window designed to look like a legitimate message from the user’s ISP. The message states there is malware on the user’s system and please call the toll free number provided. It’s a scam. But as phishing campaigns go this one is particularly nasty. Criminals are using the credibility of real ISPs to attack consumers. http://www.bbc.com/news/technology-36084989 The attacks so far have occurred in the US, Canada, and Great [...]

Good advice can lead to bad cybersecurity choices

  Generation Y and Millennials have a skewed view of cybersecurity. They are told constantly “be careful what you post; once it’s on the web it’s there forever.” Good advice. Unfortunately this has given the impression to 16-34 year olds that they can retrieve their data from sources other than their PC, phone or tablet, namely the web! Ransomware in particular is not seen as a threat. Ransomware is malicious software designed to take over a PC or other Internet [...]

Why Spear Phishing and Social Engineering Work

Why Spear Phishing and Social Engineering Work People are the weakest link when it comes to cybersecurity. Why do they click on an embedded link contained in an email. Why do they open what looks like a suspicious email in the first place? Successful ransomware and spear phishing attacks continue to be on the rise; in February a Los Angeles hospital paid $17,000 to hackers in order to “free” their computers. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html So far this year the FBI estimates $200 [...]

Tactics of the Attacker – New European Spear Phishing Campaign

Tactics of the Attacker - New European Spear Phishing Campaign Cyber criminals are taking ransomware to a new level. The BBC is reporting consumer personal information is being stolen from unsecured databases. See here for details: http://www.zdnet.com/article/new-phishing-attack-knows-your-address-and-brings-ransomware/ That data is then used to create carefully crafted spear phishing email. The emails have names, addresses, etc of the user. The email comes in the form of a collection letter,demanding money for an unspecified service or overdue bill. The email looks legitimate. [...]

VPN: Protecting the Business Traveler

Business travelers and anyone who frequent public WiFi hot spots are especially vulnerable to cyber attacks.  You never know who is also on the free WiFi, and what they might be doing. Eavesdropping for user data at these places is easy and can yield a treasure trove of information to a hacker. Businesses have been using Virtual Private Networks (VPN) for years; enabling employees to safely connect to the business network from a remote location. Company laptops are routinely supplied [...]

Caveat Emptor

Stolen credit card data is no longer the prize. Cyber criminals want Personally Identifiable Information (PII). PII sells for 20 times that of credit card information. One credit card record sells for $1 on the blackmarket. One record of PII sells for $20. The healthcare industry is plagued daily by cyber attacks looking to obtain this information. However, there are regulations and laws in place to secure this information in the healthcare sector. This is not the case in retail. [...]

Savvy New Android Malware – Buyer Beware

The FBI has identified two new kinds of Android Malware; SlemBunk and Marcher. These are  designed to target US financial institution customers.  These two bugs are phishing for specified US financial institutions’ customer credentials. The malware monitors the infected phone for the launch of a targeted mobile banking application to inject a phishing overlay over the legitimate application’s user interface. The malware then displays an indistinguishable fake login interface to steal the victim’s banking credentials. The malware defeats two factor [...]