Locky Ransomware – What It Is and How To Defend Against It

ransomwareThere has been a lot of chatter about a new ransomware being called Locky due to how it renames the files to .locky after encrypting the data. Darkreading posted an article HERE explaining some recent news and Sophos also did a good write up HERE. This post will talk about what Locky is and how to protect your organization from Locky as well as other ransomware. Continue reading

VN:F [1.9.22_1171]
Rating: 4.9/5 (7 votes cast)

Electronic Pickpocketing – Check Your Credit Card

RDIFChannel 13 hosted a short segment on the risk of using RFID enabled credit and debit cards. RFID means the card broadcasts the sensitive information over radio frequency so the consumer just has to swipe the card near a reader to buy something. With this convenience comes the risk of a malicious party using a wireless sniffer to capture the same data. This means the malicious party can pick your pocket without having to touch the card IE they can capture the credit card data over the radio and print their own card. In the video, the presenter copies a capture credit card to his hotel room key and makes a purchase using room key with the stolen data as if it was the original credit card. It is pretty easy to do. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

How To Taunt Spammers For Fun And Goodwill

scam-ahead-sign-368pxThere are a ton of computer scams targeting all types of people. Some come in the form of emails claiming to provide something in exchange for a small sum with the goal of stealing that small sum. Others come as a instant message from a friend’s compromised account asking for financial help due to some bogus emergency. There are too scams many to prevent however we can all come together and start investing efforts to waste spammers time. This way they are not using their time to trick another person. One group that has come together with this goal is the 419 Eater found HERE.

In this post, I’ll show you how I like to have fun messing with spammers. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

How To Prevent And Remove Ransomware

ransomeware200Comparitech.com wrote a helpful post about Ransomeware. This continues to be a hot security topic hitting many of my customers. For those that don’t know, Ransomware is malware that encrypts your files and holds them for ransome requiring a bitcoin payment to unlock them. The original post can be found HERE.

While ransomware has existed since around 1989, in the form of the “AIDS” trojan which encrypted files on a hard drive and then demanded a payment of $189 to unlock them again, it is only in the last few years that it has become a significant and global threat. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)

Beware of Grandparents ID Scam Leveraging Social Networks

ElderScamSocial engineering is all about abusing trust. Many of the phishing attacks found online have the goal of stealing money using tactics such as requesting money for some bogus lost relative. The average “Millennial” has seen this spam however the people behind these scams are taking a all time low approach by targeting elderly family members who are more likely to fall for these tricks.

This post will cover a scam that some of my coworkers have claimed was targeted at their family. In summary, attackers are levering social media to identify relatives of people, reaching out to their grandparents and asking for money while pretending to be a grandchild in trouble. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Best Practices For Choosing Training Classes And Boot Camps

Training1If you are in the IT industry, most likely you will need to keep up with technology by obtaining a certification, attending a product training, attending a boot camp or a combination of these. I’ve gone through many different programs and have a few lessons learned that could help you with your future education planning. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

List yourself as any number using listyourself.net

Screen Shot 2015-10-30 at 6.49.29 PMSocial Engineering is all about tricking somebody into acting a way you want them to act. A common tactic is having them click a link using a phishing attack such as a fake UPS delivery link around Christmas or cloning a popular website such as Facebook. Sometimes a target may question the authenticity of the source attempting to contact them. One way to fake your identity is to use listyourself.net by listing your phone or burner phone as a fake identity used in your social engineering scam. That website is http://www.listyourself.net/ Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)