Predators and thieves see what you post online
Sometimes people aren't as street smart as they choose to believe. They share personal information online and then act surprised when they become victims of a crime.
I am changing my friends’ names here
Ann took a picture of an envelope and posted it on Facebook. This envelope had her name, address, city, state and zip. She also told Facebook she was leaving town for 10 days to visit a friend in Hawaii. Two weeks later, she told Facebook her home was burglarized. I told her she presented valuable information online to a potential thief. "Ah yes, I think you're right, Mark," she replied.
Jen posted her address and pictures of her home on Facebook. She also told Facebook she was ... Read More
Facebook acknowledges recording
It is not a secret. We share more information at Facebook than at most other online services. Sometimes we forget how much we share and that what goes online never really leaves online. I asked Facebook to export my personal information back on December 28, 2019. Their report read like the most thorough diary every compiled.
"Thanks Mark. I now see how they are collecting too much information about us. I am calling my Congressman. That Zuckerberg guy better fess up to what he is doing." I know you are thinking that.
Read the Terms of Service
Actually, Facebook CEO Mark Zuckerberg has been called into the Principal's Office twice. He testified on April 10, 2018 and October 23, 2019. Congress asked if users could protect ... Read More
Remote Desktop is a big vulnerability
Maybe you use Microsoft’s Remote Desktop feature to connect to your workstation at work from…anywhere. Remote Desktop has been in Windows for 20 years at no extra cost. The network administrator at my target reviews the workstation’s logs through Windows’ Event Viewer. This screenshot is from my research honeypot.
Someone is trying to login to this virtual machine at a ferocious pace
The unlucky soul who has to read these logs finds login attempts are international. My perusal shows login attempts from five IP addresses:
211.72.1.31 in Taipei, Taiwan
24.142.48.215 in Dartmouth, Canada
87.147.195.55 in Olching, Germany
47.185.77.29 in Keller, Texas
91.234.125.163 is in Sosnicowice, Poland
Assuming it is one hacker who either employed a botnet (a series of computers simultaneously tasked with a large task) or is ... Read More
HHS announces new rules
The federal Office for Civil Rights (OCR), part of the Department of Health and Human Services, announced today the issuance of the final conscience rule that protects individuals and health care entities from discrimination on the basis of their exercise of conscience in HHS-funded programs. Just as OCR enforces other civil rights, the rule implements full and robust enforcement of approximately 25 provisions passed by Congress protecting longstanding conscience rights in healthcare.
The final rule fulfills President Trump’s promise to promote and protect the fundamental and unalienable rights of conscience and religious liberty, a promise he made when he signed an executive order in May 2017 protecting religious liberty. In October 2017, the Department of Justice issued guidance encouraging other Departments, including HHS, ... Read More
Office Depot found malware in scans...not really
Office Depot and its tech partner tricked customers into buying unneeded tech support services by offering malware scans that gave fake results, according to the FTC (Federal Trade Commission). Consumers paid up to $300 each for unnecessary services.
The FTC yesterday announced that Office Depot and its software supplier, Support.com, have agreed to pay a total of $35 million in settlements with the agency. Office Depot agreed to pay $25 million while Support.com will pay the other $10 million. The FTC said it intends to use the money to provide refunds to wronged consumers.
Office Depot caught claiming out-of-box PCs showed “symptoms of malware”
Between 2009 and 2016, Office Depot and OfficeMax offered computer scans inside their stores using a "PC Health Check" ... Read More
Triton got into a petrochemical plant
In the summer of 2017, a petrochemical plant in Saudi Arabia experienced a worrisome security incident that cybersecurity experts consider to be the first-ever cyber attack carried out with “a blatant, flat-out intent to hurt people.” The attack involved a highly sophisticated new malware strain called Triton, which was capable of remotely disabling safety systems inside the plant with potentially catastrophic consequences. It all started when someone launched a spear phishing attack and someone else clicked a link they should not have clicked.
Luckily, a flaw in the Triton code triggered a safety system that responded by shutting down the plant. If it hadn’t been for that flaw, the hackers could have released toxic hydrogen sulfide gas or caused explosions. As ... Read More
Phishing and File Sharing
Internet thieves have long used file sharing sites and services to host their malicious files. When they do this, they typically use the underlying service to generate download links that anyone can click without logging in to the hosting service.
Over the past month we started noticing apparently legitimate Dropbox emails pushing links to files with names suspiciously similar to those routinely used by the bad guys. When we clicked the links to check, however, we were greeted with a demand to log in to the service. That's typically been a sign that the files involved were legit.
Still, something wasn't right here. Given the file names presented, we reckoned there was little chance those files were innocuous. So, we decided to log in to ... Read More
Ransomware knocked most systems offline
Officials in Jackson County, Georgia, paid $400,000 to cyber-criminals this week to get rid of a ransomware infection and regain access to their IT systems. The County hired cyber-security consultant to negotiate ransom fee with hacker group. Jackson County officials have not yet confirmed how hackers breached their network.
The infection forced most of the local government's IT systems offline, with the exception of its website and 911 emergency system.
"Everything we have is down," Sheriff Janis Mangum told StateScoop in an interview. "We are doing our bookings the way we used to do it before computers. We're operating by paper in terms of reports and arrest bookings. We've continued to function. It's just more difficult."
Jackson County officials notified the FBI and hired a cyber-security consultant. ... Read More
Office Depot $300 scam - yes, it really happened
I'm sure you've heard something about the Office Depot $300 fraud. For a thorough explanation, see https://cybersafetynet.net/office-depot-faked-malware-scans-to-sell-unneeded-300-tech-services/. Basically, Office Depot's malware scan reported malware on computers that did not have malware. Office Depot then sold an unnecessary $300 service. Today I am writing about how that would look in other industries.
We have a high level of trust in those who provide professional services. We go to them when we sense a problem and need their training, judgement and professionalism to turn the problem into a solution. Let's see how this would play out in another industry.
Electrical
Your kitchen has a refrigerator, microwave oven and coffee maker. You discover that you can run two at the same time, but ... Read More
Is this the best Facebook phishing scam ever?
Scams seeking to harvest online credentials have long tried to replicate known logon pages. But this newly found instance is just about perfect.
In every scam that uses social engineering, the key is to be believable. If it looks right, feels right, has the timing right, etc., the victim is more likely to fall for it. This latest scam seeks to take advantage of a user’s desire to leverage single sign-on (SSO) via well-known websites. In this case, Facebook. Rather than creating (and remembering) countless passwords for an equivalently large number of websites, users will take advantage of identifying themselves via Facebook.
Under normal circumstances, a Facebook API is called which prompts the user to authenticate. But researchers at security vendor Myki have ... Read More