How many times do folks need to be told to disable Remote Desktop Protocol (RDP) if it’s not necessary and in use? As Ionut Arghire reports, here’s another reason if you still haven’t addressed the risks to your security. CRYSIS, a ransomware family that emerged last year, is being distributed via Remote Desktop Protocol (RDP) brute…
Category: Commentaries and Analyses
If you’ve been meaning to remind your employees not to fall for the W-2 phishing scam….
If you’ve been meaning to remind your employees not to fall for the W-2 phishing scam, but just haven’t managed to get around to it yet, consider this report yesterday from Wapack Labs about what they’re seeing in marketplaces on the darkweb: Wapack Labs has identified an actor in the Tor-based markets – we have labeled…
While investigating W-2 phishing scam, company discovers they were scammed last year, too (Updated)
The 2017 W-2 Phishing Victims List continues to grow, and I’m not posting most of them as individual reports, but one news story involving Monarch Beverage Company in Indianapolis deserves special mention because as CBS reports: While investigating this incident, the company discovered the same thing happened in April 2016. A scammer posing as the…
India: Over 700 govt websites hacked in 4 yrs
For those who like stats, some data from India, reported by Press Trust of India: More than 700 websites of various central and state government departments were hacked in the past four years, Lok Sabha (India’s Parliament): Of the total of 707, 199 of them were hacked last year, 164 in 2015, 155 in 2014 and 189 in…
United Arab Emirates: Cyber Security And Data Protection Breaches: A Brief Comparative Review
Simon Isgar and Bernadette Pinto of Kennedys write, in part: The Saudi Aramco attack of 2012 has been described as the first ‘hacktivist-style’ assault to use malware. The attack managed to destroy 30,000 computers within the Aramco network, which were believed by security researchers to have been infected with the Shamoon malware. The consequences faced by…
UK parliamentary watchdog bemoans inconsistent personal data breach reporting within government
The Public Accounts Committee (PAC) said (69-page / 542KB PDF) there are “major and unexplained variations in the extent to which individual departments report security breaches” at the moment, and urged the government to work with the UK’s data protection authority to develop new guidelines on the issue. “The Cabinet Office should consult with the Information…