June 1, 2016
An Austrian aerospace parts manufacturer, FACC, suffered one of the biggest email compromise attacks in history earlier this year. Fraudsters posing as CEO Walter Stephan stole approximately 50 million Euros from FACC.
A bogus email, claiming to come from Stephan, asked an employee to transfer the huge amount of money to an account for an acquisition that turned out to be fake. FACC’s CEO was fired in February, and this week its 2015/2016 financial results revealed that the company had taken a 41.9 million Euro charge over the fraud, having managed to block 10.9 million Euros from being transferred by the criminals.
May 24, 2016
The Anti-Phishing Working Group (APWG) observed more phishing attacks in the first quarter of 2016 than at any other time in history. According to the APWG’s new Phishing Activity Trends Report, the total number of unique phishing websites observed in Q1 2016 was a record 289,371, with 123,555 of those phishing sites detected in March 2016.
Those quarterly and monthly totals are the highest the APWG has seen since it began tracking and reporting on phishing in 2004. Read full report here. Learn how to protect your business from hackers here.
May 19, 2016
A hacker going by the name of “Peace” is offering for sale the database of 167 million LinkedIn accounts, including the emails and the hashed, and in many cases already cracked, passwords of 117 million users. Always create hard-to-crack passwords to protect your accounts. Read more here about the importance of having unique, hard-to-crack passwords.
May 18, 2016
Intuit has recently implemented an update to address a security vulnerability for all supported versions of QuickBooks Desktop software. This update included password controls to verify that the person attempting to access an account is authorized. This has no impact on QuickBooks Desktop for Mac or QuickBooks Online. Read more about how you can protect your business. Click here for more information about cybersecurity for your business.
May 12, 2016
Adobe has issued a security advisory, warning of an as-yet unpatched critical security hole in its popular Flash player software that is reported to be actively exploited by hackers. So, if you’re using Adobe Flash on your Windows, Mac, Linux or Chrome OS computer, you’re potentially at risk.
Update May 13, 2016: Adobe issued a patch earlier today which addresses the zero-day vulnerability and other flaws in its Flash product. Full article
For more cybersecurity tips, download our FREE Cybersecurity Must Do’s book.
May 10, 2016
How much responsibility should companies take for protecting people’s privacy? Lawmakers should require that all customer data be encrypted. Businesses also should provide free credit freezes. This would block access to the breached credit file by anyone lacking a PIN code. It is the most effective way of preventing hackers and fraudsters from receiving credit in one’s name, says Paul Stephens, the director of policy and advocacy for the Privacy Rights Clearinghouse.
Learn more here about how encryption can protect your personal and business information from hackers.
May 4, 2016
Hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia’s criminal underworld.
The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular email service, and smaller fractions of Google, Yahoo, and Microsoft email users.
Such large-scale data breaches can be used to engineer further break-ins and phishing attacks by reaching the universe of contacts tied to each compromised account, multiplying the risks of financial theft or reputation damage across the web.
April 26, 2016
Has Spotify been hacked? There has been a possible security breach involving a Spotify list containing hundreds of account credentials – including emails, usernames, passwords, account type and other details, says popular website Pastebin. Some Spotify users have claimed their profiles were hijacked, and details were changed without their knowledge, including passwords and email addresses.
Spotify has had security incidents in the past. Possibly, a list of previously compromised accounts is still circulating.
April 18, 2016
Trend Micro has reported that there are two new critical vulnerabilities affecting QuickTime for Windows. Because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched. Although there are currently no reported attacks, the only way to protect your Windows systems from potential attacks against these, or other vulnerabilities in Apple QuickTime, is to uninstall it. Do it right now! To learn about other cybersecurity must dos, watch our FREE cybersecurity webinar.
April 11, 2016
A researcher has developed a tool (called Leostone’s tool) that allows victims infected with the Petya ransomware to unlock their files for free. Petya ransomware started spreading in early March. It is currently demanding about $418 from its victims to release their files. Learn here about Cyber Security Must Do’s to protect your business against cyber crime.
April 5, 2016
The United States and Canada have issued a joint alert on ransomware and the threat it poses to businesses and individuals. In their bulletin, the Canadian Cyber Incident Response Centre (CCIRC) and the United States Computer Emergency Readiness Team (US-CERT), which operates under the Department of Homeland Security (DHS), provided an overview of ransomware and named two new variants, Samas and Locky. US-CERT and CCIRC recommend that individuals and organizations focus on ransomware prevention, including creating a data backup plan, protecting your personal and business data, and maintaining an up-to-date antivirus solution on all computers/devices. For more ransomware prevention tips, please click here.
March 28, 2016
March 22, 2016
The FBI and U.S. Department of Justice decided to postpone today’s court hearing in their effort to force Apple to unlock the San Bernardino case iPhone. The government said that an ‘outside party’ might help them to view the phone’s contents.
After Apple, WhatsApp Under Fire from US Government Over Encryption
March 15, 2016
The Department of Justice is likely to drag WhatsApp (owned by Facebook since 2014) into the encryption war zone, similar to the Apple case. The wiretap order from the federal judges failed to penetrate the end-to-end encrypted communication of WhatsApp users. WhatsApp is not involved in any of the criminal cases prevailing in the court at the moment (except for the Brazilian drug trafficking case). However, court officials anticipate the chance of this widely used app being widely used by criminals in the near future.
March 11, 2016
Graham Cluley, a computer security guru, urges us in his blog post to run an awareness campaign to make sure that our staff know about the dangers of targeted phishing attacks and about criminals who can forge an email from the CEO.
March 10, 2016
In our original post “FBI vs Apple”, we covered the ongoing FBI case and argued that this was not just about cracking the single San Bernardino shooter’s iPhone. On Thursday the Department of Justice filed their response in the FBI vs Apple case, harshly criticizing Apple, arguing that Apple had been much more accommodating to the Chinese and that “Apple is one of the richest and most tech-savvy companies in the world, and it is more than able to comply with the [court] order”, adding that Apple’s position “flies in the face” of American standards of justice.
Apple’s General Counsel, Bruce Sewell, responded with “In 30 years of practice, I don’t think I have ever seen a legal brief that was more intended to smear the other side with false accusations and innuendo, and less intended to focus on the real merits of the case,” adding that the document was a “cheap shot.”
It’s clear now that this case is not about this one iPhone and, as we pointed out in the FBI vs Apple post, the Department of Justice and the FBI want to be able to get access to any and all iPhones, current and future, whenever they please. To up the ante, the FBI is now threatening that they’ll demand the source code of the iOS operating system, the operating system that runs Apple iPhones, if Apple does not comply.
At this point it appears that the Department of Justice and Apple are going to keep firing at each other until this case ends up in the Supreme Court or Congress gets into the act. More here
Apple case has serious and far-reaching implications for the public around the world
March 5, 2016
Building a backdoor into the Apple operating system would create security and breach-of-privacy problems, said David Griffith, Azstec LLC CEO, and Mark Gibbs, Azstec LLC CTO, in their interview with the Ventura County STAR newspaper.
March 7, 2016
Hackers infected Macs with the “KeRanger” ransomware, a type of malicious software created to restrict access to a computer system and demand that the user pay a ransom to remove the restriction.
KeRanger was downloaded about 6,500 times before Apple and developers were able to eliminate the threat.
March 7, 2016
Ray Tomlinson, the US programmer credited with inventing email in the 1970s, has died at the age of 74.
Tomlinson invented the “user@host” standard for email addresses and applied it on a US government computer network, the precursor to the internet.