Wow! This week’s been such a busy news week that the information security (InfoSec) stories kept pouring in, long after I finished this week’s video. The latest? CERT just warned about some critical vulnerabilities in NTPd, a popular network time protocol (NTP) service that many network devices and software uses
The FBI today said it has determined that the North Korean government is responsible for the devastating recent hack attack against Sony Pictures Entertainment . Here’s a brief look the FBI’s statement, what experts are learning about North Korea’s cyberattack capabilities, and what this incident means for other corporations going forward. In a statement released early Friday afternoon, the FBI said that its investigation — along with information shared by Sony and other U.S.
“The next time you call for assistance because the Internet service in your home is not working, the ‘technician’ who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and — when he shows up at your door, impersonating a technician — let him in.
This is a creepy story. The FBI wanted access to a hotel guest’s room without a warrant
Original release date: November 24, 2014 US-CERT reminds users to remain vigilant when browsing online this holiday season. E-cards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments.
Original release date: November 13, 2014 The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to combat Internet crime, has released a Scam Alert advising the public of an ongoing telephone scam in which callers purport to be an employee of a major software company in order to defraud a targeted victim. Users and administrators are encouraged to review the IC3 Scam Alert for more details, and refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for information on social engineering attacks. This product is provided subject to this Notification and this Privacy & Use policy.
5 retweets 0 favorites
Original release date: October 22, 2014 Systems Affected Microsoft Windows Overview Ransomware is a type of malicious software (malware) that infects a computer and restricts access to it until a ransom is paid to unlock it. This Alert is the result of Canadian Cyber Incident Response Centre (CCIRC) analysis in coordination with the United States Department of Homeland Security (DHS) to provide further information about crypto ransomware, specifically to: Present its main characteristics, explain the prevalence of ransomware, and the proliferation of crypto ransomware variants; and Provide prevention and mitigation information