About Over 50 Articles Library
Content: Services - Computer
Computer Security No 37: Cyber-savvy New Year's Resolutions
Corporate - Private Computer Security
Cyber-savvy New Year's Resolutions
A new phishing campaign (attempt to obtain sensitive info by disguising as a trustworthy entity) is targetting Gmail users. Attackers compromise a victim's Gmail account, then start rifling through inboxes to launch secondary attacks in order to propagate the malware.
Firstly, they look for an attachment the victim had previously sent to their contacts on a relevant subject from an actual sent email. The phishing attack uses thumbnailed versions of attachments that look like a PDF file. Once clicked, victims are redirected to phishing pages which disguise as the Google sign-in page.
To read the whole article, please go to:- http://thehackernews.com
The Cartapping game
Forbes recently revealed documents shown in court about "cartapping" done in US by the Feds for the last 15 years. Any device that is connected to Internet (think GPS, SiriusXM technology, Echo devices from Amazon) can be tapped into.
1. 2016 - Apple sued by FBI refused to allow a backdoor into the work phone of San Bernardino massacre killer
2. 2016 Arkansas murder - Amazon asked to hend over audio from the suspect's Echo - Amazon refused
3. 2014 warrant - allowed NY police to trace a vehichle by demanding the satellite radio and telematics provider SiriusXM to give the location info (installed on a Toyota 4-Runner used in an alleged gambling enterprise) - SirusXM complied
4. 2009 - police asked GM to give OnStar data from a Chevrolet Tahoe rented by a cocaine dealer; they followed him from Texas to Louisiana, stopped him and arrested the suspect
4. 2007 heroin dealer was tracked after OnStar was ordered to reveal the location of the suspect's GMC Envoy SUV; was stopped and arrested
There are arguments on both sides of the story (infringing on our privacy vs catching criminals). The laws are slow in trying to catch up with the development of technology.
My concern lies in the potential misuse of privileges that law enforcement agents can access.
To read the whole article:- http://forbes.com
Ransomware evolves and its name is Doxware
Many companies have figured out that can avoid ransomware attacks if they wipe the systems clean and restore them with backups, then go about business without paying the ransomware.
This has challenged the hackers to create doxware. With doxware, the hackers take the attack further, by compromising the privacy of conversations, photos and sensitive files and threatening to release them unless the ransomware is paid.
The article that explain this in more detail:- www.darkreading.com
Also, Popcorn Time (not affiliated with the Popcorn Time piracy app), is asking victims to pay 1 Bitcoin or you can get out if you infect two people.
This taps into our eat-or-be-eaten instincts. The bad guys are making a lot of money out playing our instincts.
To read more, please go to:- https://www.wired.com
Course on Cyber Security & Privacy for Directors and Senior Managers
Are you prepared for an attack?
Are you aware of your obligations and defence as a director or officer of the companyt?
Have you taken the necessary steps to mitigate the consequences of a cyber attack?
The topics include:
- Define and understand Cyber security
- Identify Directors Cyber obligations in the Corporate Governance context
- Discuss Cyber risk management
- What can you do as a Director and what questions to ask
- Steps required to create a Cyber Strategy (Board level)
Send your enquiries to: - firstname.lastname@example.org
Memories of jokes
(NSA = National Security Agency in US).
Have a good and cyber-safe weekend!
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© About Over 50s 2017 website by aml websites online