If you are paying attention to the news at all right now, you have noticed the increase in cyber-attacks around the globe. Cyber-crimes are a hot topic, and for good reason. The threat is terrifying, but understanding what is actually happening is a challenge. Within cyber-crime reporting, keywords are being thrown around, and to understand the dangers, you must first understand a few of the basics. One of the topics you may have heard about is port scans. First off, what is a port, and why is a port scan a threat?
Keylogging. Is it a new concept or just an updated version of espionage?
Information, and specifically confidential data, has always had a price, and someone has always wanted to get hold of it. Documented spies date back in history to the 1st century. Espionage continues to evolve, and we as users of technology must stay on top of how our data is being hacked. Keylogging is one of today’s modern cyber-crimes but has the same basis as ancient spying.
NIST’s Newest Password Guidelines
Gone are the days of the required monthly password changes. NIST, which stands for National Institute of Standards and Technology, released its new guidelines for password management almost exactly a year ago to the date. These thoroughly researched guidelines are not only recommended by NIST but have also been approved by the Secretary of Commerce. In the past, the recommendation has been to change our passwords monthly and to use extremely complicated passwords that included upper- and lower-case letters and special characters. This process definitely tended to lead a great many of us down the road to frustrated log-ins, which typically ended in relying on a password manager (check back for our upcoming blog) or having to click on the “forgot password” button. We at Pendello understand that security is not always convenient, but these guidelines are a win-win. They can help protect against the alternative and also make your log-ins a great deal less cumbersome.
FBI announces arrests of 74 involved in a massive phishing scam
Gone are the days when getting tricked merely involved a whoopie cushion or maybe an exploding cigarette. Today the tricks are severe and can involve thousands of dollars! Last week, the FBI announced that after a six-month investigation, they had made 74 arrests across seven different countries (including the US) and broken up a significant phishing ring! This ring, which originated in Nigeria, targeted mid-sized businesses and tricked these unsuspecting victims into believing they were sending money to business partners! This is the same type of email phishing scam that stole money from Google and Facebook!
The North Korean Edition of Crouching Tiger, Hidden Dragon
Security is at the forefront of everyone's mind these days, and for an excellent reason. Attacks are genuinely coming from every angle. In fact, the FBI has just released a warning about an infamous operation to which the US government has given the code name Hidden Cobra. These North Korean government-linked hackers have been using two strains of malware to remotely penetrate global systems with the intent to steal passwords and other sensitive data. The tools they are using to gain access are the remote access tool (RAT) Joanap and the Server Message Block (SMB) worm Brambul, and they have potentially been using these tools with the same intent since 2009. Remember the 2014 attack on Sony Pictures Entertainment and the WannaCry malware attack? This was the same group.
What is "Phishing" and how do you stay safe?
Phishing isn't one of those new words the "kids" have come up with, like changing "Fat" into "Phat" for a whole new meaning! Instead, it refers to a type of cybercrime. Almost all of us have received a "phishing" attempt, but you may not even have known what it was! Knowledge is the biggest defense when it comes to phishing. If you know what to watch out for, you'll know what not to click on or respond to, and hopefully you can avoid the misfortune of falling victim to these criminals.