Computer Safety & News

Crytolocker is highly destructive and emerged as one of top threats of 2013, as it holds users hostage to pay for unencrypting and returning data back to user http://www.bbc.co.uk/news/technology-25506020 http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/ QUOTE: A virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers. Cryptolocker scrambles […]

Cryptolocker is highly destructive as once data is encrypted, the system can usually only be recovered from backups (or one must pay the bad guys for keys to decrypt data).  This new variant improves the capability to spread from system to system. http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/ http://www.symantec.com/connect/blogs/cryptolocker-qa-menace-year QUOTE:  We recently came across a CryptoLocker variant that had one notable feature—it has propagation […]

Distributed denial of service attacks are likely to increase in 2014 based on current trends. http://www.scmagazineuk.com/2014-ddos-attacks-can-only-get-worse/article/326782/ QUOTE: 2013 will go down in IT security history as the year when a large number of high-profile organisations were very publicly hacked. And in parallel with this, the integrity of tens of millions of debit and credit card […]

The PhishMe blog was recently discovered and highlights key attack methods used during the holidays http://phishme.com/popular-holiday-themed-phishing-attacks/ http://phishme.com/category/blog/ QUOTE: The holidays are a busy time for everyone… especially for hackers trying to phish your employees. Phishing is most effective when it exploits human emotions—fear, greed, anxiousness, curiosity, compassion, getting a good deal—and the holidays tend to […]

An effective corporate security approach uses sophisticated technical defense systems as well as emphasizing the important of security to their workers.  This recent study notes that while some companies are not actively involved, many now use online training resources. http://www.scmagazineuk.com/18-of-office-workers-have-no-security-training/article/326250/ QUOTE: Delving into the research – which was conducted in late November – reveals that […]

The ZBOT family and other related malware are still actively circulating and use highly sophisticated botnet command-and-control techniques. Usually, after one malware family diminishes, a more sophisticated attack is launched in it’s place. http://securitywatch.pcmag.com/security/319042-financial-trojans-taking-over-the-world http://www.symantec.com/connect/blogs/state-financial-trojans-2013 http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_state_of_financial_trojans_2013.pdf QUOTE: Money talks big. The industry of financial Trojans has been steadily growing as money is moving to online […]

During recent research saw that version 3.0 of PCI/DSS standards were finalized during NOV 2013.  Some key links are noted below: PCI/DSS HOME PAGE https://www.pcisecuritystandards.org/ PCI/DSS OVERVIEW https://www.pcisecuritystandards.org/security_standards/index.php DOCUMENT LIBRARY https://www.pcisecuritystandards.org/security_standards/documents.php FIVE KEY CHANGES http://searchsecurity.techtarget.com/tip/PCI-DSS-version-30-The-five-most-important-changes-for-merchants QUOTE: The PCI Security Standards Council offers robust and comprehensive standards and supporting materials to enhance payment card data security. […]

Hackers are already launching targeted attacks and are likely performing brute force attacks on the encrypted PIN numbers. Once both credit card and PIN# information is disclosed, hackers can register charges as desired. As shared earlier affected Target customers should change their PIN# immediately to reduce risks. http://bits.blogs.nytimes.com/2013/12/27/targets-nightmare-goes-on-encrypted-pin-data-stolen/ QUOTE: Target said criminals had made off […]

PC Magazine has issues 5 separate prediction articles based on emerging trends seen during past year http://securitywatch.pcmag.com/security/319183-predictions-cyber-security-in-2014 http://securitywatch.pcmag.com/security/319244-predictions-securing-protecting-the-internet-of-things http://securitywatch.pcmag.com/business-financial/319224-predictions-more-retail-breaches-bitcoin-will-crash http://securitywatch.pcmag.com/security/319195-predictions-android-ransomware-mobile-banking-fraud http://securitywatch.pcmag.com/security/319190-predictions-rise-of-national-internet-tor-s-popularity-boom

Reuters shares that BBC server was briefly compromised on Christmas Day http://www.reuters.com/article/2013/12/29/us-bbc-cyberattack-idUSBRE9BS06K20131229 QUOTE: A hacker secretly took over a computer server at the BBC, Britain’s public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. While it is not known if the hacker […]