KnowBe4 Security Awareness Training Blog

Homeland Security: Security Education Deterred Cybercrime

Posted by Stu Sjouwerman on Nov 26, 2014 12:56:25 PM


Homeland Security Today has a good article which explains that cybersecurity education, including employee training and awareness programs, is vital in deterring cybercrime. The PricewaterhouseCoopers 2014 US state of cybercrime survey showed 42 percent of respondents indicating security education played a role in deterring a potential criminal. This shows that organizations have to make sure the necessary funds are devoted to these programs.

“The financial value of employee awareness is even more compelling," the survey report said. "Organizations that do not have security awareness programs—in particular, training for new employees—report significantly higher average financial losses from cybersecurity incidents. Companies without security training for new hires reported average annual financial losses of $683,000, while those that do have training said their average financial losses totaled $162,000.” Full article at:

http://www.hstoday.us/industry-news/general/single-article/us-cybersecurity-practices-fail-to-keep-pace-with-cyber-adversaries/170a083812f4f52eb11575675d8739a0.html

 

CyberheistNews Vol 4 #46 "New Stuxnet" Discovered Called Regin

Posted by Sandy Vandebult on Nov 25, 2014 9:37:00 AM

CyberheistNews Vol 4 #46 Nov 25, 2014

The "New Stuxnet" Discovered Called Regin - How Does It Work?

Symantec researchers discovered "the new Stuxnet", but it has been in operation since at least 2006. Obviously a highly advanced spying tool, better than the best malware out there. If you look at the list of countries infected, it is clear that this is built by the USA with perhaps some help from others.

The NSA is likely behind this one, and Symantec published a 22-page report and blog post on the Regin malware, which it described as a powerful cyberespionage platform that can be customized depending on what type of data is sought. Here is a link to their PDF:
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf

If Regin does turn out to have been active and hidden for 8 years, the discovery means that nation states are still having a 100% success rate in avoiding all antivirus products, which is very bad news for companies trying to protect their networks and crown jewels.

Symantec has been quietly trying to analyze this critter for the last 12 months. It has five separate stages, each one depending on the previous stage to be decrypted. It also uses peer-to-peer communication, which avoids using a centralized command-and-control system to exfiltrate stolen data.

It's also not clear yet how users become infected with Regin. Symantec figured out how just one computer became infected so far, which was via Yahoo's Messenger program. Possibly the user was a victim of social engineering, but it could just as well be a zero-day in Messenger itself which infects a PC without any interaction from the user.

In any case, stepping your users through effective security awareness training is a very good idea with malware like this out there. Find out how affordable this is for your organization today.
http://info.knowbe4.com/kmsat_get_a_quote_now

How Hackers Exfiltrate Corporate Data Using Video

Hackers have turned to cloud services to make large data transfers outside of hacked sites. The latest trick uses consumer video sites. There are two reasons that video sites are a great way to steal data. The first one is that they are widely allowed by companies and used by employees for legit things like training, demos and company marketing. Second, when a hacker needs to exfiltrate a lot of data, disguising it as video makes sense, because video files are usually large, and make up a very large part of network traffic.

How the Attack Works

Once the attacker has the crown jewels, they split the data into compressed files of identical sizes, similar to how the RAR archive format transforms a single large archive into several smaller segments. Next, they encrypt this data and wrap each compressed file with a video file. In doing so, they make the original data unreadable and further obscure it by hiding it inside a file format that typically has large file sizes. This technique is sophisticated; the video files containing stolen data will play normally.

They upload the videos containing stolen data to a consumer video sharing site. While they’re large files, it’s not unusual for users to upload video files to these types of sites. If anyone checked, the videos would play normally on the site as well.

After the videos are on the site, the attacker downloads the videos and performs the reverse operation, unpacking the data from the videos and reassembling it to arrive at the original dataset containing whatever sensitive data they sought to steal. Here is the chalk talk on how it works: http://youtu.be/lFKn1agkNXA
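The newsletter does not say how the stolen chunks are packed into the video files, only that the videos still play. The added example below is my own code, not from the article or the chalk talk, and it assumes one common way of keeping a file playable: a foreign payload appended after the last MP4 box, or tucked into a non-standard top-level box, both of which players ignore. It walks the container structure and flags either case, using constructed byte strings in place of real videos.

```python
import hashlib
import math
import struct

# Top-level box ("atom") types normally seen in ISO BMFF / MP4 files.
KNOWN_TOP_LEVEL = {
    b"ftyp", b"moov", b"mdat", b"free", b"skip", b"wide", b"uuid",
    b"meta", b"moof", b"mfra", b"sidx", b"styp", b"pdin",
}


def parse_top_level_boxes(data: bytes):
    """Walk the top-level box headers of an MP4 byte string.

    Returns (boxes, end_offset): boxes is a list of (offset, size, type)
    for every well-formed box; end_offset is where parsing stopped.
    Parsing stops at the first header that is truncated or inconsistent,
    so any bytes from end_offset onward are not part of the container.
    """
    boxes = []
    off, n = 0, len(data)
    while off + 8 <= n:
        size = struct.unpack(">I", data[off:off + 4])[0]
        btype = data[off + 4:off + 8]
        header = 8
        if size == 1:  # 64-bit "largesize" follows the type field
            if off + 16 > n:
                break
            size = struct.unpack(">Q", data[off + 8:off + 16])[0]
            header = 16
        elif size == 0:  # box runs to the end of the file
            size = n - off
        if size < header or off + size > n:
            break
        boxes.append((off, size, btype))
        off += size
    return boxes, off


def shannon_entropy(buf: bytes) -> float:
    """Bits of entropy per byte; compressed or encrypted data sits near 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    total = len(buf)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def analyze_video(data: bytes) -> dict:
    """Flag two simple ways a playable MP4 can carry a foreign payload:
    bytes appended after the last box, or a payload stored in an unknown
    top-level box type. Players ignore both, so the file still plays.
    """
    boxes, end = parse_top_level_boxes(data)
    trailing = data[end:]
    unknown = [(t, s) for _, s, t in boxes if t not in KNOWN_TOP_LEVEL]
    return {
        "boxes": [t for _, _, t in boxes],
        "trailing_bytes": len(trailing),
        "trailing_entropy": round(shannon_entropy(trailing), 2),
        "unknown_boxes": unknown,
        "suspicious": bool(trailing) or bool(unknown),
    }


# --- constructed sample files (assumed layouts, not real videos) ---------

def make_box(btype: bytes, payload: bytes) -> bytes:
    return struct.pack(">I", 8 + len(payload)) + btype + payload


def pseudo_random(length: int, seed: bytes = b"sample") -> bytes:
    """Deterministic high-entropy bytes standing in for an encrypted chunk."""
    out, block = b"", seed
    while len(out) < length:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:length]


MINIMAL_MP4 = (
    make_box(b"ftyp", b"isom" + b"\x00\x00\x02\x00" + b"isomiso2mp41")
    + make_box(b"moov", make_box(b"mvhd", b"\x00" * 100))
    + make_box(b"mdat", b"\x00" * 512)
)
# Same container with a 4096-byte "encrypted chunk" appended after the last box.
APPENDED_PAYLOAD = MINIMAL_MP4 + pseudo_random(4096)
# Same container with the chunk hidden inside a non-standard top-level box.
CUSTOM_BOX_PAYLOAD = MINIMAL_MP4 + make_box(b"zzzz", pseudo_random(4096))


if __name__ == "__main__":
    for name, sample in [("clean", MINIMAL_MP4),
                         ("appended", APPENDED_PAYLOAD),
                         ("custom box", CUSTOM_BOX_PAYLOAD)]:
        print(name, analyze_video(sample))
```

A near-8.0 entropy on the trailing bytes is the tell that distinguishes an encrypted chunk from harmless padding; a real deployment would run this over files as they leave the network, not after the fact.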

What To Do About It:

You need next-generation breach detection. These tools solve, in essence, a classic big-data problem. To be effective, these tools need to analyze a great variety of data in high volume, and at great velocity, to determine potential breaches. Most important, the tools must be precise; too many false positives and their reports will quickly be ignored, which is what happened at Target. A new crop of next-generation startups are working on this, for example:

Skyhighnetworks
http://www.Skyhighnetworks.com
Bit9
http://www.bit9.com/
Cybereason
http://www.cybereason.com/
Exabeam
http://exabeam.com/
Fortscale
http://www.fortscale.com/
LightCyber
http://lightcyber.com/
Seculert
http://www.seculert.com/
Vectra Networks
http://vectranetworks.com/

And obviously you would start with stepping all employees through effective "new school" security awareness training, because 91 percent of successful data breaches start with a spear-phishing attack. Ask for a quote and find out how affordable this is for your organization:
http://info.knowbe4.com/kmsat_get_a_quote_now

The Industrialization of Hacking

Here is some data to help you get more IT security budget. This is a very short summary, but it's got the essentials for management.

Cybercrime has gone pro. Stealing data is big business, either by hacking into companies to steal credit card data and sell it in the cyber underground market, or by gaining access to your organization's intellectual property (designs and/or source code), which allows a foreign competitor to instantly catch up on your years of very expensive R&D.

In the last 5 years, a revolution has taken place in hacking. What once was a hobby is now done at industrial scale with 100% criminal supply lines, facilitated by escrow services. These teams of black hats are extremely well-funded, and backed by organized cybercrime cartels and nation states. The financial industry has recognized this and is doubling its IT security budget. You should follow their example before your organization is on the front page of the newspaper as the next data breach.

2015 Kevin Mitnick Security Awareness Training Released

KnowBe4 built the first fully integrated security awareness training and phishing platform, and we are excited to release the yearly refresh which will make your human firewall even stronger.

This brand-new, high quality web-based interactive training uses case-studies, live demonstration videos and short tests along with automated phishing tests. The earlier case studies were replaced with new, recent ones: Target, Home Depot and Chase Bank. With the surge of ransomware like Cryptolocker and CryptoWall in 2014, Kevin Mitnick's videos were updated and now include this new threat of ransomware.

The training specializes in making sure employees understand the mechanisms of spam, phishing, vishing, spear-phishing, malware and social engineering, and also includes a condensed 15-minute version for executives that specifically focuses on Advanced Persistent Threats.

The course is available in your console, but you need to click the course itself, and then the "Visible to users" checkbox to make it available for your users. Ask your Customer Success Manager for more detail.

We have also translated 13 Hints & Tips Templates in German, French, Italian, Spanish, Chinese and Swedish. They are available in your Campaign Template pull-down menu. Soon you will also see more international phishing security test templates.

Quotes of the Week:

"The beginning of wisdom is to call things by their right names." - Chinese Proverb

"Spiritual relationship is far more precious than physical. Physical relationship divorced from spiritual is body without soul." - Mahatma Gandhi

 

Warm Regards, Stu Sjouwerman | Email me: feedback@knowbe4.com

PCI DSS 3.0 Compliant In Half The Time At Half The Cost

It's time to get and stay PCI DSS 3.0 compliant. Now that the new 3.0 standard goes into effect, it's a great time to start using a new tool that will save you half the time and half the cost becoming compliant: KnowBe4 Compliance Manager 2015.

It comes with a pre-made PCI DSS 3.0 template that you can immediately use to get compliant and maintain compliance in a business-as-usual process.

Escape from Excel-hell!

Most organizations track PCI compliance using spreadsheets, MS-Word, or proprietary self-maintained software. This is inefficient, error prone, costly, and a risk in itself. Get and stay PCI DSS 3.0 compliant in half the time and at half the cost with KnowBe4 Compliance Manager™.

Get a short, live web-demo, and we will show you how easy and affordable this is!
http://info.knowbe4.com/_kcm_pci_30-0

Software Support Cybercrime Scam

This week the FTC shut down a $120M tech support scam that consumer software buyers should be aware of. Two telemarketing firms were at the center of this FTC investigation, but there are many more that have yet to be shut down.

This type of scam has evolved into an extremely lucrative business practice that many consumer software companies are now pushing on their paying customers.

Typically when software is purchased online, customers receive a link to download the software with a license key to activate the service.

In an attempt to get as many customers calling in to these support call centers, many software companies are not delivering the link to download or the license key to activate their newly purchased software.

Instead, customers are instructed to call these tech support centers for "Activation Assistance" or "Installation Assistance". This is a dirty trick to get as many people calling into these support call centers as possible. In most cases, a free PC diagnosis is offered and the telemarketer will remotely access the customer's computer and use social engineering to sell needless tech support services.

I had the pleasure of speaking with the owner of one of these remote tech support firms and what I learned was astonishing. As a digital marketing professional for a software company, the conversation started off with an offer to pay $5 for every phone call I could refer to a call center in India. This is an alarmingly high amount to pay for each phone call, so I assumed a high number of those calls would turn into paying customers, but I had no idea how many. Through this discussion I learned that 30% of US customers who call into telemarketing centers are purchasing these types of tech support services. WOW!

Software companies stand to gain in some cases 40-50% on each sale they refer to these call centers; in some cases that's an additional $150-200 from customers who purchased a $30 piece of software. In some verticals such as registry repair, PC cleaners and driver updating software, it is actually hard to find a software company that is not referring customers to these types of call centers because of the sheer amount of revenue that is produced.

Avoiding this scam is easy. Before you purchase software online, try to make sure that you will instantly get your license key. In case you are instructed to call a support number to "activate or install" the software you just purchased, you should request a refund right away. These types of software companies are putting their customers at risk and are not the type of company you should trust. (Hat tip to Kara Kritzer)
http://www.networkworld.com/article/2849636/security0/ftc-gets-federal-court-to-shut-down-120m-tech-support-scam.html

InfoSec Pro Industry Survey - Enter For An iPad!

As a leading information security professional, you know better than most what key issues the industry is facing now, and have good insights into what's looming on the horizon. Let your voice be heard!

(ISC)2 is conducting its 6th Global Information Security Workforce Study (GISWS). All survey participants will be entered into a raffle for a chance to win one of six (6!) iPads. Survey results will be available in early 2015. Don't miss your chance to be a part of this important industry survey!
https://fasus.dubinterviewer.com/scripts/dubinterviewer.dll/Frames?Quest=10814777&Ban=29

2015 Prediction: Expect Massive Spikes In Global Information Security Threats

Frank Ohlhorst at TechRepublic wrote: Global security threats will continue to increase next year and are as certain as death and taxes, according to a recent report.

Increases in global information security threats remain as much a certainty as death and taxes, at least according to the latest Information Security Survey from PWC. That report, which was published in October, highlights several troublesome trends and provides valuable information for those concerned with enterprise IT security. Nonetheless, interpreting the information delivered into applicable best practices remains a challenge for many IT security professionals, especially those who will be assigned the task of keeping their organizations from becoming one of the latest statistics in the battle against cybercrime.

PWC rightly points out that cyber security has become a persistent business risk and that threats (both to the economy and intellectual property) are on the rise. The report goes on to identify some very troubling incidents, including:

* More than half (53%) of global securities exchanges have experienced a cyber attack (IOSCO Survey)
* In South Korea, some 105 million payment card accounts were exposed in a security breach (Symantec Corp)
* City officials in Verden, Germany announced the theft of 18 million email addresses, passwords and other information (TechWeek Europe)
* Cyber thieves stole more than $45 million from worldwide ATM accounts of two banks in the Middle East (CNet.com)

More at:

http://www.techrepublic.com/article/2015-prediction-expect-massive-spikes-in-global-information-security-threats/

DETEKT: A Free Tool To Detect State Spyware On Phones And PCs

Amnesty International launched the Detekt tool to scan for state surveillance spyware on phones and PCs. It was developed by security expert Claudio Guarnieri. I wonder if this puppy detects Regin.

A group of security and technology experts who fight for respect of human rights has launched a new tool dubbed Detekt that allows detection of government surveillance malware on mobile devices and PCs. Amnesty is one of the members of the Coalition Against Unlawful Surveillance Exports, the alliance that fights to prevent violations of human rights.

Detekt was developed by the Italian security expert Claudio Guarnieri and was launched last Thursday in partnership with Amnesty International, British charity Privacy International, German civil rights group Digitale Gesellschaft and US digital rights group the Electronic Frontier Foundation.
More:
http://securityaffairs.co/wordpress/30363/digital-id/detekt-detect-state-spyware.html

Super Fave: Ken Block's Gymkhana Seven: Wild In The Streets Of Los Angeles. This is a custom-built 1965 Mustang with 845 horses:
https://www.youtube.com/watch?v=5qanlirrRWs

Semi-Truck Jump Over A Formula 1 Car - Epic World Record. A giant semi-truck jumps over a speeding Formula 1 car and sets a world distance record of more than 83 feet:
http://www.flixxy.com/semi-truck-jump-over-a-formula-1-car-epic-world-record.htm?utm_source=4

Wingsuit flying BASE jumper Espen Fadnes makes history acting as a flying carpet for skydiving canopy flyer Bjørn Magne Bryn in Romsdalen Valley, Norway:
http://www.flixxy.com/surfing-on-the-back-of-a-wingsuit-flyer.htm?utm_source=4

Want a good chuckle? Star Wars Pranks in Paris with Luke Skywalker, R2D2, Chewbakka and Darth Vader:
http://www.flixxy.com/star-wars-prank-with-luke-skywalker-r2d2-chewbakka-and-darth-vader.htm?utm_source=4

Waddington airfield in Lincolnshire, England is the perfect spot to see F16, F18, B-17, Saab 2000 and even the Avro Vulcan close-up when they come in for a landing:
http://www.flixxy.com/perfect-spot-for-watching-airplanes-coming-in-for-a-landing.htm

Tiny hamsters celebrate Thanksgiving just like it was in 1621. Cute for the kids:
http://www.flixxy.com/tiny-hamsters-tiny-thanksgiving-dinner.htm?utm_source=4

Svein Aasjord and Trond Ivarsøy had stopped their boat to watch humpback whales in the distance feeding on herring, and then suddenly their boat was surrounded:
http://www.flixxy.com/suddenly-the-small-boat-was-surrounded-by-six-huge-whales.htm?utm_source=4

Watch until the end!! Not only can illusionist Darcy make doves appear out of nowhere, he also has an even bigger trick up his sleeve:
http://www.flixxy.com/darcy-oakes-jaw-dropping-dove-illusions-britains-got-talent-2014.htm

Undoubtedly one of the most amazing performances of 'Swan Lake.' An outstanding display of grace, balance and art. Tchaikovsky would be proud:
http://www.flixxy.com/amazing-performance-of-swan-lake-great-chinese-state-circus.htm

The Toyota Mirai hydrogen-fueled family car is emission free and can be refueled in 5 minutes, providing a range of 300 miles on a full tank of hydrogen:
http://www.flixxy.com/turning-point-in-automotive-history-toyota-mirai-fuell-cell-car.htm?utm_source=4

Have you ever wondered why rivers almost never run straight? Find out in this cute, instructive, 3-minute video by MinuteEarth:
http://www.flixxy.com/why-do-rivers-curve.htm?utm_source=4

Stop Thief! A squirrel grabs a GoPro camera and climbs up a tree to record the owner on video. Location: Montréal, Canada:
http://www.flixxy.com/squirrel-grabs-video-camera-and-takes-it-up-a-tree.htm?utm_source=4

Penn and Teller perform awesome live magic on 1986 Saturday Night Live. If you can't figure out how they do it - all is revealed at the end:
http://www.flixxy.com/magicians-penn-and-teller-the-upside-saturday-night-live.htm?utm_source=4

The New Stuxnet Discovered Called Regin How Does It Work?

Posted by Stu Sjouwerman on Nov 24, 2014 10:34:00 AM


Updated 11/25/2014

Symantec researchers discovered "the new Stuxnet", but it has been in operation since at least 2006. Obviously a highly advanced spying tool, better than the best malware out there. If you look at the times the code was put together it is clear that this is built in the UK with perhaps some help from the NSA.

Symantec published a 22-page report and blog post on the Regin malware, which it described as a powerful cyberespionage platform that can be customized depending on what type of data is sought.

If Regin does turn out to have been active and hidden for 8 years, the discovery means that nation states are still having a 100% success rate in avoiding all antivirus products, which is very bad news for companies trying to protect their networks and crown jewels.

Symantec has been quietly trying to analyze this critter for the last 12 months. It has five separate stages, each one depending on the previous stage to be decrypted. It also uses peer-to-peer communication, which avoids using a centralized command-and-control system to exfiltrate stolen data.





KnowBe4 a finalist in Emerging Companies of the Year Awards

Posted by Stu Sjouwerman on Nov 22, 2014 3:24:00 PM

You probably are not aware of the Tampa Bay Technology Forum. They are dedicated to growing and promoting Tampa Bay's technology "eco-system." Through events, education, networking, advocacy, and philanthropy programs, they provide targeted forums to bring technology and business leaders, investors, government, researchers and educators together.

And they do a great job! Last night, at the , KnowBe4 was recognized as one of the three finalists in the Emerging Companies of the Year Awards 2014.

Here I am, proudly displaying the plaque, all dressed up in my best suit.

The TBTF is a catalyst for the inspiration and leadership that is transforming Tampa Bay into a world-class center for technology entrepreneurship, business innovation and educational excellence.

Our thanks for all the good work that the TBTF does for all technology companies in the Bay!

Software Support Cybercrime Scam

Posted by Stu Sjouwerman on Nov 22, 2014 9:27:00 AM


CyberheistNews Vol 4, # 46 Black Friday Coupon Alert

Posted by Sandy Vandebult on Nov 18, 2014 9:32:00 AM

CyberheistNews Vol 4, # 46

Editor's Corner


Scam Of The Week: Black Friday Coupon Alert

I suggest you send this reminder to your users. Feel free to change: "It's the Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest on-line shopping days and they are out to get rich with your money. So what to look out for?

  1. At the moment, there are too-good-to-be-true coupons that offer free phones or tablets on sites all over the Internet. Don't fall for it. Make sure the offers are from a legitimate company.
  2. Watch out for alerts via email or text that claim you just received a package from FedEx, UPS or the US Mail, and then ask you for some personal information. Don't enter anything. Think Before You Click!
  3. There is a fake refund scam going on that could come from Amazon, a hotel, or a retail chain. It claims there was a "wrong transaction" and wants you to "click for refund" but instead, your device will be infected with malware.

So, especially now, the price of freedom is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards. Be super-wary of bulk email with crazy good BUY NOW offers and anything that looks slightly "off".

If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one. Happy Holidays!"

Are You Reading CyberheistNews On A Mobile Device?

People keep on telling us that we should optimize CyberheistNews for mobile, because supposedly almost half of newsletter subscribers read their email on a mobile device. So, we decided to ask YOU!

We're working on a format that should be easy to read on your iPhone, Android device or any tablet and still also look good on normal email too. We'd like to know if you would like it in a new mobile-optimized format.

This is a 30-second quick poll at SurveyMonkey. Let us know! Thanks in advance!
https://www.surveymonkey.com/s/CHNlovehate

Quotes of the Week

"Your life does not get better by chance, it gets better by change." - Jim Rohn

"No act of kindness, no matter how small, is ever wasted." - Aesop (620 - 560 BC)


Thanks for reading CyberheistNews! Warm Regards, Stu Sjouwerman | Email me: feedback@knowbe4.com

PCI DSS 3.0 Compliant in Half the Time at Half the Cost

It's time to get and stay PCI DSS 3.0 compliant.

Now that the new 3.0 standard goes into effect, it's a great time to start using a new tool that will save you half the time and half the cost of becoming compliant: KnowBe4 Compliance Manager 2015.

It comes with a pre-made PCI DSS 3.0 template that you can immediately use to get compliant and maintain compliance in a business-as-usual process.

Escape from Excel-hell!

Most organizations track PCI compliance using spreadsheets, MS-Word, or proprietary self-maintained software. This is inefficient, error prone, costly, and a risk in itself. Get and stay PCI DSS 3.0 compliant in half the time and at half the cost with KnowBe4 Compliance Manager™.

Get a short, live web-demo, and we will show you how easy and affordable this is!
http://info.knowbe4.com/_kcm_pci_30-14-11-18


New Flavor of Ransomware Is More User Friendly

It's been more than a year since the first vicious ransomware reared its ugly head. Turns out this was a hugely successful criminal business model, and more than 10 competing copycats soon followed. Here is a whitepaper that gives you the short history of ransomware.
http://info.knowbe4.com/whitepaper-ransomware-history

Some were more professionally implemented than others, but most of them use strong cryptography to grab data files from drive C and then follow up with all mapped drives in alphabetical order. The latest strain has a new trick up its sleeve: it allows victims to decrypt one of the encrypted files for free, and starts out cheaper than the rest. It's "only" 200 bucks instead of 500.

The critter is called CoinVault (not to be confused with the legitimate online coin exchange service) and even has a snazzy logo. The malware authors tried to make the process as simple as possible for the victim. They must have found out that the average small business does not know what Bitcoins are, and how to get them. They went as far as adding a user-friendly button for copying the bitcoin wallet address and included a 24-hour countdown timer that lets you know how much time you have to pay the ransom until it doubles. Jeez, thanks!

Tyler Moffitt over at Webroot blogged about it and said it uses similar technology as CryptoLocker / CryptoWall, it deletes the Windows built-in Volume Snapshot Service, and uses Bitcoin for payment. The algorithm used for locking up the data is the AES-256, a more rudimentary symmetric one compared to what other cryptomalware families rely on; however, this does not make CoinVault any less dangerous.

Moffitt said: "What’s unique about this variant that I wanted to share with you all is that this is the first Encrypting Ransomware that I've seen which actually gives you a free decrypt. It will let you pick any single file that you need after encryption and will decrypt it for you."

"This is a really interesting feature and it gives a good insight into what the actual decryption routine is like if you find yourself actually having to pay them," Moffitt said. "I suspect that this freebie will increase the number of people who will pay."

Yeah, definitely more "user-friendly" but still a significant threat to your data if your backups are old or fail during restore.

You really need to get all your employees stepped through effective security awareness training, because these ransomware infections usually are caused by phishing attacks. Find out how affordable this is for your organization. Click here and we will email you a quote:
http://info.knowbe4.com/dont-get-hit-with-ransomware?


Feds Use 'Stingrays' In Planes To Spy On Our Phone Calls

The Wall Street Journal broke the story a few days ago. The same technology that nabbed my business partner Kevin Mitnick in the mid-nineties is now used on most citizens in America. He commented via Twitter: "WTF? U.S. Marshals using airplanes with cellular radio spoofers to capture everyone's cellphone data. Don't worry, you can trust us." Yeah, right.

WIRED magazine had an editorial on it, and they were not amused to put it mildly. This is pretty worrisome indeed. The song comes to mind: "How long has this been going on?" and it seems it's been several years, at least since 2008. Read the WIRED article and shiver, since this kind of technology is now used by the Feds, but as we all know, when the genie is out of the bottle, a few years from now the bad guys will have this too. Yikes:
http://www.wired.com/2014/11/feds-motherfng-stingrays-motherfng-planes/


The Terrifying Deals Between Silicon Valley And The Security State

The Salon site has a new article that goes into the deals Silicon Valley makes with the NSA. Here are a few paragraphs and I recommend you go down the rabbit hole and read the whole article. This is beyond scary:

"The NSA helps the companies find weaknesses in their products. But it also pays the companies not to fix some of them. Those weak spots give the agency an entry point for spying or attacking foreign governments that install the products in their intelligence agencies, their militaries, and their critical infrastructure.

Microsoft, for instance, shares zero day vulnerabilities in its products with the NSA before releasing a public alert or a software patch, according to the company and U.S. officials. Cisco, one of the world’s top network equipment makers, leaves backdoors in its routers so they can be monitored by U.S. agencies, according to a cyber security professional who trains NSA employees in defensive techniques.

And McAfee, the Internet security company, provides the NSA, the CIA, and the FBI with network traffic flows, analysis of malware, and information about hacking trends. Companies that promise to disclose holes in their products only to the spy agencies are paid for their silence, say experts and officials who are familiar with the arrangements." More at Salon:
http://www.salon.com/2014/11/16/googles_secret_nsa_alliance_the_terrifying_deals_between_silicon_valley_and_the_security_state/

It's an extract from a book that I just bought at Amazon but have not started reading yet: @War: The Rise of the Military-Internet Complex. This, from the back cover: "A surprising, page-turning account of how the wars of the future are already being fought today. The United States military currently views cyberspace as the “fifth domain” of warfare (alongside land, air, sea, and space), and the Department of Defense, the National Security Agency, and the CIA all field teams of hackers who can, and do, launch computer virus strikes against enemy targets.

As recent revelations have shown, government agencies are joining with tech giants like Google and Facebook to collect vast amounts of information. The military has also formed a new alliance with tech and finance companies to patrol cyberspace."
http://www.amazon.com/War-Rise-Military-Internet-Complex-ebook/dp/B00HP6T7V0/

Cyberheist 'FAVE' LINKS:

* This Week's Links We Like. Tips, Hints And Fun Stuff.

SUPER FAVE: OK, this takes the cake. 15 Big Magic Tricks In 5 Minutes. It's a world record in Stage Magic. And then he gives a bonus trick. WOW:
https://www.youtube.com/embed/BCJhRfwylSI?feature=player_detailpage

Swiss Rocket Man Francois Gissy straps a rocket to a bicycle and reaches 333 km/h (207 mph) in 4.7 seconds, breaking his own previous world record. Even a Ferrari Scuderia can't keep up with it. The first minute is fun to watch!
http://www.flixxy.com/rocket-powered-bicycle-world-record-0-207-mph-in-5-seconds.htm?utm_source=4

Martial-arts master Genki Sudo and his band 'World Order' present us with their amazing slow-mo choreography tour through London. These guys are really good:
http://www.flixxy.com/slow-mo-choreography-tour-through-london.htm?utm_source=4

Restore Your Faith In Humanity In 4 Minutes. The world can sometimes be a cruel place. Here is to the kind-hearted:
http://www.flixxy.com/restore-your-faith-in-humanity-in-4-minutes.htm?utm_source=4

See what a Boeing 757 can do when it is not loaded with cargo and 250 passengers:
http://www.flixxy.com/boeing-757-low-fast-pass-and-steep-climb.htm?utm_source=4

Microsoft Tech Support Scammer Artfully Exposed on Video. This is pretty funny - it's 10 minutes, so great for a quick break. Also instructive for end users and family that you might want to warn about these scams:
http://youtu.be/sz0cEo2h3f8

Watch This South Korean Robot Fly A Plane. No, really:
http://youtu.be/8gnjh8uOAIs

Talking about robots, this 330 pound monster can balance on one leg:
https://m.youtube.com/watch?v=UH0k2hFHzyc

Into Marketing a bit? Here are 40 brand logos with hidden messages:
http://blog.hubspot.com/marketing/hidden-messages-in-famous-logos-infographic?

Motoped Survival: Black Ops edition – a fully functional zombie hunting moped. I want one!
http://www.gizmag.com/motoped-pro-cruzer-survival-black-ops-moped/34730/

When her husband asks this young woman for a divorce, she has just one simple request, one that could change their future. Quite beautiful:
http://www.flixxy.com/when-this-man-asked-for-divorce-his-wife-had-one-final-request.htm?utm_source=4

Classic: Zaouli de Manfla - Mask Dance of the Ivory Coast. James Brown and Michael Jackson don't even come close to this guy's dancing:
http://www.flixxy.com/zaouli-de-manfla-mask-dance-of-the-ivory-coast.htm?utm_source=4

Out of the archives: the 5-wheel Cadillac. Pretty nifty actually:
http://www.flixxy.com/five-wheeled-cadillac-1950.htm?utm_source=4

STATE DEPT COMPUTERS HACKED, EMAIL SHUT DOWN

Posted by Stu Sjouwerman on Nov 17, 2014 9:33:00 AM

The Associated Press just reported that the State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from a suspected hacker attack.

A senior department official said Sunday that "activity of concern" was detected in the system around the same time as a previously reported incident that targeted the White House computer network. That incident was made public in late October, but there was no indication then that the State Department had been affected. Since then, a number of agencies, including the U.S. Postal Service and the National Weather Service, have reported attacks.

The attackers are very likely to be either Russian or Chinese (or both), and they use spear-phishing to get into employees' systems. From there, they tunnel into the network and take control of email servers to spy on internal documents and communications and to exfiltrate secret policy related to their country.

At this point in time, stepping employees through effective security awareness training is not a "luxury" or a "compliance item"; it's a must, and it needs to get done ASAP.

New Flavor of Ransomware Is More User Friendly

Posted by Stu Sjouwerman on Nov 15, 2014 2:48:00 PM

It's been more than a year since the first vicious ransomware reared its ugly head.

Turns out this was a hugely successful criminal business model, and more than 10 competing copycats soon followed. Here is a whitepaper that gives you the short history of ransomware.

Some were more professionally implemented than others, but most of them use strong cryptography to encrypt the data files on drive C and then work through all mapped drives in alphabetical order. The latest strain has a new trick up its sleeve: it allows victims to decrypt one of the encrypted files for free, and it starts out cheaper than the rest. It's "only" 200 bucks instead of 500.

The critter is called CoinVault (not to be confused with the legitimate online coin exchange service) and even has a snazzy logo. The malware authors tried to make the process as simple as possible for the victim. They must have found out that the average small business does not know what Bitcoins are or how to get them. They went as far as adding a user-friendly button for copying the bitcoin wallet address and included a 24-hour countdown timer that lets you know how much time you have to pay the ransom before it doubles. Jeez, thanks!

Tyler Moffitt over at Webroot blogged about it and said it uses similar technology to CryptoLocker / CryptoWall: it deletes the Windows built-in Volume Snapshot Service and uses Bitcoin for payment. The algorithm used to lock up the data is AES-256, a more rudimentary symmetric scheme than what other cryptomalware families rely on; however, this does not make CoinVault any less dangerous.
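The shadow-copy deletion Moffitt describes is one of the few ransomware behaviours that is cheap to spot in endpoint telemetry, often before the encryption run finishes. The Python below is an added example, not code from this post, from Webroot, or from any CoinVault analysis: it scans Sysmon-style process-creation records (Event ID 1) for shadow-copy deletion commands and rates each hit by where it was launched from. The JSON field names and every log line are assumptions constructed for the example, not real telemetry.

```python
"""
Flag shadow-copy deletion in Windows process-creation logs.

Added example, not from the blog post or any vendor analysis. Assumes Sysmon
Event ID 1 records exported as one JSON object per line with the fields
"EventID", "UtcTime", "Image", "CommandLine" and "ParentImage". The records
in SAMPLE_LOG are constructed for this example.
"""
import json
import re
from typing import Dict, List

# Command lines that destroy Volume Shadow Copies (MITRE ATT&CK T1490,
# Inhibit System Recovery). Matched case-insensitively against the full line.
SHADOW_DELETE_PATTERNS = [
    re.compile(r"vssadmin(\.exe)?\s+.*delete\s+shadows", re.I),
    re.compile(r"vssadmin(\.exe)?\s+.*resize\s+shadowstorage", re.I),
    re.compile(r"wmic(\.exe)?\s+.*shadowcopy\s+delete", re.I),
    re.compile(r"(get|remove)-wmiobject\s+.*win32_shadowcopy", re.I),
]

# Parents from which shadow-copy administration is plausibly legitimate
# (an admin at an elevated console). A spawn from anything else, or from a
# binary in a user-writable directory, is what ransomware typically looks like.
EXPECTED_PARENTS = {"cmd.exe", "powershell.exe", "mmc.exe", "explorer.exe"}
USER_WRITABLE_DIRS = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")


def basename(path: str) -> str:
    """Last component of a Windows or POSIX path, lower-cased."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(event: Dict) -> Dict:
    """Return a finding for one process-creation event, or {} if benign."""
    if str(event.get("EventID")) != "1":
        return {}  # only process-creation records carry a command line
    cmd = event.get("CommandLine", "")
    if not any(p.search(cmd) for p in SHADOW_DELETE_PATTERNS):
        return {}
    image = event.get("Image", "").lower()
    parent_image = event.get("ParentImage", "").lower()
    parent = basename(parent_image)
    severity, reasons = "medium", ["shadow-copy deletion command"]
    if parent not in EXPECTED_PARENTS:
        severity = "high"
        reasons.append(f"unexpected parent {parent or 'unknown'}")
    if any(d in image or d in parent_image for d in USER_WRITABLE_DIRS):
        severity = "high"
        reasons.append("executable in user-writable path")
    return {"time": event.get("UtcTime", ""), "severity": severity,
            "parent": parent, "reasons": reasons, "command": cmd}


def scan_log(lines: List[str]) -> List[Dict]:
    """Scan JSON-lines telemetry; malformed lines are skipped, not fatal."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        finding = score_event(event)
        if finding:
            findings.append(finding)
    return findings


# Constructed sample records: a benign launch, an admin running vssadmin from
# a console, a WMIC shadow-copy wipe spawned by a binary in %TEMP%, and junk.
SAMPLE_LOG = [
    r'{"EventID": 1, "UtcTime": "2014-11-15 10:01:02", "Image": "C:\\Windows\\System32\\notepad.exe", "CommandLine": "notepad.exe report.txt", "ParentImage": "C:\\Windows\\explorer.exe"}',
    r'{"EventID": 1, "UtcTime": "2014-11-15 10:05:40", "Image": "C:\\Windows\\System32\\vssadmin.exe", "CommandLine": "vssadmin.exe Delete Shadows /All /Quiet", "ParentImage": "C:\\Windows\\System32\\cmd.exe"}',
    r'{"EventID": 1, "UtcTime": "2014-11-15 10:07:13", "Image": "C:\\Windows\\System32\\wbem\\WMIC.exe", "CommandLine": "wmic shadowcopy delete", "ParentImage": "C:\\Users\\alice\\AppData\\Local\\Temp\\invoice.exe"}',
    "this line is not JSON and must not crash the scan",
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["time"], f["severity"].upper(), f["parent"], "|", "; ".join(f["reasons"]))
```

The admin-at-a-console case is still reported (deleting all shadow copies is rarely routine), but the parent-process and path checks are what separate an operator from a payload dropped by a phishing attachment, which is the infection route this post is about.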

Moffitt said: "What’s unique about this variant that I wanted to share with you all is that this is the first Encrypting Ransomware that I've seen which actually gives you a free decrypt. It will let you pick any single file that you need after encryption and will decrypt it for you."

"This is a really interesting feature and it gives a good insight into what the actual decryption routine is like if you find yourself actually having to pay them," Moffitt said. "I suspect that this freebie will increase the number of people who will pay."

Yeah, definitely more "user-friendly" but still a significant threat to your data if your backups are old or fail during restore. 

You really need to get all your employees stepped through effective security awareness training, because these ransomware infections usually are caused by phishing attacks. Find out how affordable this is for your organization. Click on the button and we will email you a quote.

Scam Of The Week: Black Friday Coupon Alert

Posted by Stu Sjouwerman on Nov 15, 2014 9:47:00 AM

I suggest you send this reminder to your users. Feel free to change:

"It's Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest on-line shopping days and they are out to get rich with your money. So what to look out for?

  1. At the moment, there are too-good-to-be-true coupons that offer free phones or tablets all over sites on the Internet. Don't fall for it. Make sure the offers are from a legitimate company. While we're at it... 
  2. Watch out for alerts via email or text saying you just received a package from FedEx, UPS or the US Mail that then ask you for personal information. Don't enter anything. Think Before You Click!
  3. There is a fake refund scam going on that could come from Amazon, a hotel, or a retail chain. It claims there was a "wrong transaction" and wants you to "click for refund" but instead, your device will be infected with malware.

So, especially now, the price of freedom is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards. Be super-wary of bulk email with crazy good BUY NOW offers and anything that looks slightly "off". If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one. Happy Holidays!"

Small business thinks workers are weak cybersecurity link

Posted by Stu Sjouwerman on Nov 13, 2014 4:19:00 PM

The poll was conducted by Spiceworks Voice of IT on behalf of CloudEntr in September. The study collected 438 surveys from IT professionals at companies with 20 to 499 employees in industries related to financial services, manufacturing, professional services, government and non-profits.

Of the IT professionals who responded in the survey, 77 percent said that employees are the weakest link in the security infrastructure. The number is even bigger in financial services firms: 81 percent.

Curiously, despite recent high-profile security breaches, a clear majority of IT professionals—64 percent—said they won't change any of their planned security-related infrastructure buying in 2015, though an even larger majority (89 percent) said they plan to provide more employee education next year.

This is a good thing, because effective security awareness training is a great way to manage the problem of employees causing ransomware infections by falling for spear-phishing attacks.

Link: http://www.cnbc.com/id/102178391#
