dcsimg

UK law enforcement: an uphill struggle to fight hackers

About 16 years ago in the UK, I walked into a local police station to report a computer crime, because walking into local police stations is how they did things back then. There may well also have been penny farthing bicycles, real pea souper fogs, Mary Poppins, and Jack the Ripper, though I could well be wrong on those last two. I was greeted at the incident report desk by a bemused officer on … [Read more...]

Recognize a phishing attack, then stop it dead in its tracks

We would like to think we can outsmart the bad guys who are trying to phish for our personal data. Learn how to get one step ahead of their hacking attempts. … [Read more...]

Researchers discover vulnerabilities in smart assistants’ voice commands

Virtual personal assistants (VPA), also known as smart assistants like Amazon’s Alexa and Google’s Assistant, are in the spotlight for vulnerabilities to attack. Take, for example, that incident about an Oregon couple’s Echo smart speaker inadvertently recording their conversation and sending it to a random contact. Or that time when the Alexa started laughing out of the blue. Indeed, something … [Read more...]

Two major Canadian banks blackmailed after alleged data breach

While the US was celebrating Memorial Day on Monday, Canada was dealing with an unusual data breach affecting two popular financial institutions: Simplii Financial and the Bank of Montreal (BMO). The CBC broke the story and updated it throughout the day to mention that some 90,000 customers were possibly affected by this attack which the banks say they became aware of on Sunday, just one day … [Read more...]

SEO poisoning: Is it worth it?

Search Engine Optimization (SEO) poisoning basically comes down to getting your web page high in the rankings for relevant search results without buying advertisements or using legitimate, but tedious, SEO best practices. Instead, threat actors use illegal means to push their page to the top. Sometimes, this technique is also referred to as black hat SEO. (Although the people selling these … [Read more...]

Why you need to report cyber attacks

Once you’ve been hit by a cyber attack, the damage has already been done. There’s no way to make the disruption disappear, so you might suppose it’s best to just get on with things. Reporting the incident to your supervisory authority means extra work and could cause a PR nightmare. Nonetheless, it’s essential that you notify relevant parties of the breach. The attacker is a criminal, and it’s … [Read more...]

57 technical terms that all true geeks should know

Every culture and trade has its own secret language known only to the initiates, but in today’s post we’re going to look at 57 of the oddest/strangest/most obscure terms we use in what, to us, is everyday language. … [Read more...]

Perspectives on Russian hacking

Russia is an endlessly fascinating subject both in and around infosec. Recent years have shifted attention away from pure malware capabilities, to psyops, social engineering, and an endless slew of mind games designed to destabilize and keep nations ever-so-slightly off balance. Security firms in some countries claim Russia would “win” in a so-called cyber war; elsewhere, whole nations … [Read more...]

Police arrest criminal hacker who stole €1 billion from banks

Spanish police have arrested a Ukrainian criminal hacker who is suspected of heading a gang that stole more than €1 billion from banks around the world. The suspect, who hasn’t been named, used Anunak, Carbanak and Cobalt malware to hack into banks’ computers and manipulate money transfers. Twenty members of the suspect’s gang were also apprehended in a series of arrests across Romania and … [Read more...]

Panerabread.com breach could have impacted millions

Customers who signed up for a Panerabread.com account in order to order fast-casual baked goods may want to guard their dough. Security researcher Brian Krebs reported yesterday that the website for the bakery chain leaked millions of customer records, including names, emails, physical addresses, birthdays, and the last four digits of customers’ credit card numbers. Until Monday, millions of … [Read more...]