Got Robocalled? Don’t Get Mad; Get Busy.

Credit to Author: BrianKrebs| Date: Sun, 25 Jun 2017 15:24:16 +0000

Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause followed by an automated voice pitching some product or service. So when I heard from a reader who chose to hang on the line and see where one of these robocalls led him, I decided to dig deeper. This is the story of that investigation. Hopefully, it will inspire readers to do their own digging and help bury this annoying and intrusive practice.

Read more

FBI: Extortion, CEO Fraud Among Top Online Fraud Complaints in 2016

Credit to Author: BrianKrebs| Date: Fri, 23 Jun 2017 14:09:22 +0000

Online extortion, tech support scams and phishing attacks that spoof the boss were among the most costly cyber scams reported by consumers and businesses last year, according to new figures from the FBI’s Internet Crime Complaint Center (IC3). The IC3 report released Thursday correctly identifies some of the most prevalent and insidious forms of cybercrimes today, but the total financial losses tied to each crime type also underscore how infrequently victims actually report such crimes to law enforcement.

Read more

8 reasons why you should strengthen your iOS passcode today

Credit to Author: Jonny Evans| Date: Fri, 23 Jun 2017 06:57:00 -0700

Every enterprise IT manager knows the ghastly truth: the biggest security weaknesses in any system are the humans using it. So, if you are one of the nearly one-in-ten iOS users (or even the one-in-three Android users) who don’t use a passcode, if you happen to be one of the many who use the same passcode for everything, or even one of the 15 percent of users who still insist on using any of these ten passcodes, then this article is for you. It’s time to toughen up. Here’s why:

To read this article in full or to leave a comment, please click here

Read more

How IT should prep for Apple's public OS betas

Credit to Author: Ryan Faas| Date: Thu, 22 Jun 2017 09:22:00 -0700

As has become Apple’s standard practice in recent years, the company will soon roll out public betas of iOS 11 and macOS High Sierra. Both are expected to arrive by the end of June.

Public betas can be useful for Apple and other tech companies. They accelerate feedback and can ensure that bugs — including ones that internal testing might not spot — get fixed before the final version of an operating system ships. And because public betas are exciting for early adopters who want to play with new features of an upcoming upgrade before everyone else, they tend to generate useful buzz.

To read this article in full or to leave a comment, please click here

Read more

Why So Many Top Hackers Hail from Russia

Credit to Author: BrianKrebs| Date: Thu, 22 Jun 2017 14:29:11 +0000

Conventional wisdom says one reason so many hackers seem to hail from Russia and parts of the former Soviet Union is that these countries have traditionally placed a much greater emphasis than educational institutions in the West on teaching information technology in middle and high schools, and yet they lack a Silicon Valley-like pipeline to help talented IT experts channel their skills into high-paying jobs. This post examines the first part of that assumption by examining a breadth of open-source data. The supply side of that conventional wisdom seems to be supported by an analysis of educational data from both the U.S. and Russia, which indicates there are several stark and important differences between how American students are taught and tested on IT subjects versus their counterparts in Eastern Europe.

Read more

Not the disaster recovery we were expecting

Credit to Author: Sharky| Date: Thu, 22 Jun 2017 03:00:00 -0700

IT pilot fish working for a city government keeps getting complaints from people in the Public Works department that something’s seriously wrong with their documents.

“The Public Works director, his assistant and another part-time employee told me that every time they make changes to a document, they have to keep re-saving their work,” says fish. “They also have to combine all of their work into yet another saved and current complete document.

“I asked the Public Works director to start at the beginning. Are you sharing this file off the server? ‘Yes,’ came his curt and snarky reply.

“OK, which file or folder is your document in? ‘It’s right here.’

To read this article in full or to leave a comment, please click here

Read more

Q&A: AppDynamics CIO sees SaaS as the future of mobile management

Credit to Author: Lucas Mearian| Date: Wed, 21 Jun 2017 03:11:00 -0700

Application performance management (APM) software provider AppDynamics knows the value of a good SaaS platform, both in terms of offering workers the tools they need while keeping control over access to corporate apps and data.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more

Free and cheap ways to learn about IT security

Credit to Author: Eric Geier| Date: Fri, 02 Jun 2017 03:00:00 -0700

Whether you’re an IT student or have been in the field for many years, the learning never stops, especially in regards to security. Hackers are discovering vulnerabilities in our software and systems 24/7. They’ll always find new ways to steal data, infect computers and wreak havoc in the digital world.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more

2 handy yet hidden Chromebook security features

Credit to Author: JR Raphael| Date: Tue, 20 Jun 2017 09:04:00 -0700

Google’s Chrome OS is far more powerful and versatile than most folks realize — and one of the platform’s greatest strengths over traditional desktop OSes is its deceptively simple approach to security.

Chromebooks, you see, make security almost entirely automatic and thought-free from a user’s perspective. The devices receive regular behind-the-scenes updates with no action required on your behalf; they utilize sandboxing to keep every page and application in its own isolated environment; and their software relies on a special hardware-connected setup that ensures every computer is always running tamper-free and official Google software every time it powers up.

To read this article in full or to leave a comment, please click here

Read more

The Microsoft security hole at the heart of Russian election hacking

Credit to Author: Preston Gralla| Date: Tue, 20 Jun 2017 08:29:00 -0700

Russian hacking of the 2016 election went deeper than breaking into the Democratic National Committee and the Clinton campaign — the Russians also hacked their way into getting information about election-related hardware and software shortly before voting began.

The Intercept published a top-secret National Security Agency document that shows exactly how the Russians did their dirty work in targeting election hardware and software. At the heart of the hack is a giant Microsoft security hole that has been around since before 2000 and still hasn’t been closed. And likely never will.

To read this article in full or to leave a comment, please click here

Read more

SSD Advisory – Sophos XG Firewall Path Traversal

Credit to Author: SSD / Maor Schwartz| Date: Mon, 19 Jun 2017 16:17:18 +0000

Vulnerabilities Summary The following advisory describe two (2) vulnerabilities, a Path Traversal and a Missing Function Level Access Control, in Sophos XG Firewall 16.05.4 MR-4. Sophos XG Firewall provides “unprecedented visibility into your network, users, and applications directly from the all-new control center. You also get rich on-box reporting and the option to add Sophos … Continue reading SSD Advisory – Sophos XG Firewall Path Traversal

Read more