Cybersecurity
-
World Cybersecurity Forum (1st Quarterly Clubhouse Edition)
We held the first World Cybersecurity Forum this past week and it was a great success! The World Cybersecurity Forum was a 24-hour event held for the first time this year on Clubhouse! The event featured cyber experts from around the world, and was an event open to all with the mission of demystifying cyber, creating awareness and answering the public’s questions. The World Cybersecurity Forum believes that cybersecurity is EVERYONE’S responsibility. Organized by Jacqueline Jayne, Security Awareness Advocate at KnowBe4, Jacqueline or, JJ, for short, can be found on LinkedIn. The session aimed to bring the best minds together from around the world to talk about all things cyber.…
-
News & Notes: July 30, 2021
Estonia arrests hacker who stole 286K ID scans from govt database. Mozilla Firefox to roll out DNS over HTTPS for Canadian users Windows 11 includes the DNS-over-HTTPS privacy feature – How to use
-
News & Notes: July 29, 2021
U.S. President Joe Biden: Severe cyberattacks could escalate to ‘real shooting war’ with a major global power: “You know, we’ve seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world,” Biden said during a speech at the National Counterterrorism Center of the Office of the Director of National Intelligence. “I can’t guarantee this, and you’re as informed as I am, but I think it’s more likely we’re going to end up — well, if we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great…
-
News & Notes: July 28, 2021
Twitter will soon let you log in with your Google account. “Twitter has started testing a new feature that allows users to sign up for an account using their existing Google account.” via Bleeping Computer eScan’s Mobile Security Application Capable of Detecting and Blocking Pegasus Spyware. The Global Spyware Market Index Report from Top10VPN.com revealed some startling statistics: 74 countries have bought and/or used invasive spyware technology since 2015. Spyware firms: 86% are based in countries considered full or flawed democracies by the EIU. Suspected customers: 55% are authoritarian or hybrid regimes, with only 7% considered full democracies. FinFisher has the most reported state customers (34), followed by Circles (25),…
-
News & Notes: July 27, 2021
Apple Issues Patches for CVE-2021-30807 Just about a week after Apple issued a series of patches for macOS, iOS & iPadOS devices, yet another series of patches has been released this week. Yea Ching, ISC Handler (Twitter: @poppopretn) posted a diary alerting us to this new bug discovered by an anonymous researcher. The issue revolves around the IOMobileFrameBuffer. ”This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges. This issue may have bee actively exploited.” For macOS Big Sur 11.5.1: IOMobileFrameBuffer Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is…
-
What is the NSO Group Pegasus Spyware Software? How Does Pegasus Hack Phones?
There was a flurry of news this morning about NSO Group, an Israeli tech firm, and the Pegasus spyware that produces. Al Jazzeera has some interesting reporting and have been following the story for a while. Back in December they reported about their journalists being hacked. “Based on this, we handed the phone to Citizen Lab, who found that the phone was hacked by spyware called Pegasus, which is developed by NSO, an Israeli company,” said Almisshal. “This hacking was done by a so-called zero-click technique where they can access cameras and track the device. They also found that operators in the UAE and Saudi Arabia were behind this hacking.…
-
CompTIA Security Plus + Full Course [VIDEO]
Security+ Full Course video from YouTube. **** Topics Discussed **** Introduction to Network Devices (part 1) (0:00) Introduction to Network Devices (part 2) (8:06) Introduction to Network Devices (part 3) (15:50) Secure Network Administration Concepts (34:00) Cloud Concepts (41:00) Secure Network Design Elements and Components (48:00) Common Network Protocols (part 1) (55:20) Common Network Protocols (part 2) (1:01:00) Common Network Protocols (part 3) (1:08:00) Wireless Security Considerations (1:13:54) Risk Related Concepts (part 1) (1:23:12) Risk Related Concepts (part 2) (1:29:43) Risk Related Concepts (part 3) (1:36:08) Integrating Data and Systems w Third Parties(21:50) Risk Mitigation Strategies (1:41:27) Basic Forensic Procedures (1:46:17) Incident Response Concepts (1:54:15) Security Related Awareness and Training…
-
What is a social engineering attack?
Social engineering is using human interaction (social skills) to obtain or compromise data/information about an organization or its computer systems. This information can them be used to deploy an attack and/or penetrate a network further. Social engineering attacks are particularly dangerous because they prey on our human instincts, interactions and dealings with people and our contextual environment. An attacker may not fit the stereotype we hold in our heads. Social engineering preys on the fact that humans will have our guard up for natural signs of danger and natural enemies, but things get fuzzy when the distinction is not so clear. In social engineering, the attacker may seem unassuming, respectable…
-
News & Notes: Kaseya Suffers Massive REvil Ransomware Attack Over Weekend
Over the holiday July 4th weekend some big news hit. There was a massive REvil ransomare attack on Kaseya, an American software company. Reported to us by SANS Daily StormCenter Podcast, news is still developing here, here, and here about the extent of the damage, which is not fully known but expected to be significant. Kaseya provides IT management software to MSPs (Managed Service Providers) and IT teams to improve efficiency and security, and allowing small to medium-sized businesses to manage their IT assets, service desk and more. Biblio: SANS Storm Center Podcast
-
Virtual Machines VM’s Are Being Used to Hide Ransomware Activity
As society continues to embrace all things cloud and move more toward virtualization, this field becomes a ripe target for malicious actors (bad people). We are now seeing the use of VMs to implement and hide malicious activity including ransomware. The tactic involves hiding the ransomware payload in a virtual machine on infected hosts. The use of a VM is to provide stealth and help avoid detection for as long as possible. Hosting encryption software within a self-started VM means that typical anti-virus software will not detect it! And when the VM is closed down, it removes a significant amount of possible forensic evidence with it! That’s not good. Some…
