I traveled this week by plane to a client to conduct a cybersecurity tabletop exercise—one of my favorite things to do (the tabletop, not the flying).
To be able to use the wi-fi, everyone instructed in the gate area was told over the loudspeaker that we had to download the airline app on our phones,
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”
According to
Unscrupulous criminals use crises to their advantage. Scammers are using the conflict in Ukraine to bilk money from people trying to help those impacted from the attacks. There are numerous accounts of scammers using old techniques to defraud people from funds and personal information.
We all want to help and what is unfolding in Ukraine
In an action against what has been described as one of the largest hacker forums in the world, the U.S. Department of Justice (DOJ) announced on April 12, 2022, that it has taken down RaidForums’ website and arrested its founder/administrator. According to DOJ, the domains seized were “Raidforums.com,” “Rf.ws,” and “Raid.lol.”
In its announcement,
Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows Common Log File System Driver Elevations of Privilege) is being actively exploited by APT groups according to the National Security Agency, so addressing this
Scammers use familiarity to get victims to fall for their scams. One way to do that is to spoof a cell phone number from the same area code to make the targeted person think that the person calling or texting them is someone they know. When the call is answered, it is a recording or
The Department of State’s new Bureau of Cyberspace and Digital Policy (CDP) commenced operations on April 4, 2022. According to an announcement, the “CDP bureau will address the national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy.”
The bureau consists of three policy units: International
In a win for global law enforcement, Germany’s Bundeskriminalamt (BKA) announced on April 5, 2022, that it had officially taken down the infrastructure of Hydra, a Russian-based, illegal dark-web marketplace that has allegedly facilitated more than $5 billion in Bitcoin transactions since its inception in 2015. In the process of shutting it down, German authorities
On April 5, 2022, the U.S. Department of Treasury Office of Foreign Assets Control (OFAC) sanctioned darkweb Hydra Marketplace and virtual currency Garantex and added both to the Specially Designated Nationals List (SDN) [view related post].
On October 1, 2020, OFAC issued a Ransomware Advisory “to alert companies that engage with victims of ransomware
In addition to teaching your kids about financial literacy, teach them (and yourself) to identify scams that are designed to steal from you.
One scam that has made a comeback and is surprisingly successful is spoofing through an email or text that asks you to either buy gift cards or pay for something with