7 tips to strengthen online security
Credit to Author: Ryan Francis| Date: Wed, 12 Apr 2017 04:00:00 -0700
Hacked Dallas sirens get extra encryption to fend off future attacks
Credit to Author: Matt Hamblen| Date: Tue, 11 Apr 2017 14:37:00 -0700
Dallas city officials have added extra encryption and other security measures to the outdoor warning sirens hacked early Saturday.
The hack also prompted the city to evaluate critical systems for potential vulnerabilities, City Manager T.C. Broadnax said in a statement late Monday. City officials are reviewing security for financial systems, a flood warning system, police-fire dispatch and the 911/311 system.
To read this article in full or to leave a comment, please click here
Bank gets lesson in the security failings of third parties
Credit to Author: Evan Schuman| Date: Tue, 11 Apr 2017 04:00:00 -0700
The most effective cyberattacks turn the tables on the security measures we take to ward off attacks. We’re always countering the attacks that have worked in the past, rarely thinking about the opportunities our countermeasures might open up.
And opportunities always abound. If malware is being delivered via attachments, we put out memos forbidding employees from opening attachments from strangers. Cybercriminals see this, and they come up with phishing — sending out attachments in emails that appear to come from the recipients’ close co-workers. So then we warn employees to not open an attachment unless it was expected. All right, say the attackers; we’ll just wait for an attachment heads up and then launch our attack.
To read this article in full or to leave a comment, please click here
Suspected CIA spying tools linked to hacks in 16 countries
Credit to Author: Michael Kan| Date: Mon, 10 Apr 2017 11:17:00 -0700
The suspected CIA spying tools exposed by WikiLeaks have been linked to hacking attempts on at least 40 targets in 16 countries, according to security firm Symantec.
The tools share “close similarities” with the tactics from an espionage team called Longhorn, Symantec said in a Monday post. Longhorn has been active since at least 2011, using Trojan programs and previously unknown software vulnerabilities to hack targets.
To read this article in full or to leave a comment, please click here
Hack of Dallas emergency sirens prompts more warnings to bolster cybersecurity
Credit to Author: Matt Hamblen| Date: Mon, 10 Apr 2017 09:39:00 -0700
Dallas emergency management officials continue to investigate a hack that activated all 156 emergency tornado sirens citywide for about 90 minutes early Saturday.
The city declared the sirens were activated Friday night in a hack that officials believe came from the Dallas area.
The event was a warning that businesses and organizations, including cities and emergency operations centers, need to guard against similar breaches, whether they may come from disgruntled employees, hackers trying to pull a stunt, or a more nefarious group working for an enemy state, analysts said.
To read this article in full or to leave a comment, please click here
New ransomware demanded high score on anime-style shooter game not bitcoins
Credit to Author: Darlene Storm| Date: Mon, 10 Apr 2017 09:23:00 -0700
Never underestimate what a person can come up with when he or she is bored as was recently highlighted by the accidental release of a ransomware that required victims to reach an astronomically high score on an anime-style shooter game instead of paying an outrageous ransom in bitcoins.
The Malware Hunter Team was surprised to discover Rensenware; they said the ransomware did not ask “for any money, but to play a game until you reach a score – and it’s not a joke.”
Victims who wanted their files decrypted were required to score over 200 million points in the “lunatic” level of the game TH12 ~ Undefined Fantastic Object.
To read this article in full or to leave a comment, please click here
How to improve Dynamic Lock in Windows 10 Creators Update
Credit to Author: Ed Tittel| Date: Mon, 10 Apr 2017 06:44:00 -0700
When Microsoft released Build 15031 of the Windows 10 Insider Preview on February 8, 2017, it added a new OS feature for Bluetooth-equipped devices. It’s called Dynamic Lock, and lets you control access to your PCs based on how close they — and your Bluetooth-paired phones — are to them. That is, if the phone you’ve paired with your PC (it works for laptops, notebooks, tablets and desktops) is not found within radio range of your PC, Windows 10 turns off the screen and locks the PC after 30 seconds have elapsed. Thus, Dynamic Lock makes a dandy new security feature in Creators Update, one that most business users (or their IT departments) will find worth turning on and using.
To read this article in full or to leave a comment, please click here
Email-based attacks exploit unpatched vulnerability in Microsoft Word
Credit to Author: Lucian Constantin| Date: Mon, 10 Apr 2017 08:08:00 -0700
Attackers have been exploiting an unpatched vulnerability in Microsoft Word for the past few months to compromise computers and infect them with malware.
The first report about the attacks came Friday from antivirus vendor McAfee after the company’s researchers analyzed some suspicious Word files spotted a day earlier. It turned out that the files were exploiting a vulnerability that affects “all Microsoft Office versions, including the latest Office 2016 running on Windows 10.”
The flaw is related to the Windows Object Linking and Embedding (OLE) feature in Microsoft Office that allows documents to embed references and links to other documents or objects, the McAfee researchers said in a blog post.
To read this article in full or to leave a comment, please click here