Computer Safety & News

John Maxwell reflects on tragedy in Nepal and how creativity & innovation are needed during a time of crisis. http://www.johnmaxwell.com/blog/cultivating-creativity-in-times-of-crisis To face the greatest challenges of life, we need to cultivate creative thinking. In times of crisis, you need to tap into every good idea you have. And of course, the best time to increase […]

Google Chrome now offers a new extension called “Password Alert” to help detect Phishing Attacks http://www.pcmag.com/article2/0,2817,2483392,00.asp https://support.google.com/a/answer/6197508 Security breaches are on the rise, but in many cases, hackers gain access to your accounts through simple phishing schemes rather than sophisticated attacks. You’ve heard it time and again: don’t click on suspicious links in emails and […]

Predictably, after major disasters scammers will immediately set up fake sites, phishing attacks, and email campaigns to solicit money.  Unfortunately, this goes to the criminals rather than victims of tragedy.  It is always safest approach to donate to Red Cross or other similar mainstream sites http://www.consumeraffairs.com/news/scam-warning-watch-out-for-fraudulent-nepalese-earthquake-charities-042815.html https://isc.sans.edu/forums/diary/Scammy+Nepal+earthquake+donation+requests/19635/ On Saturday a massive earthquake devastated the Himalayan […]

Excellent motivational article for managers and project leaders from John Maxwell’s blog  Thomas A. Edison — “I have not failed. I’ve just found 10,000 ways that won’t work.” http://www.johnmaxwell.com/blog/how-do-you-become-a-successful-failure Nobody likes to fail. But if we’re honest, we understand that failure is a part of life. There is no success without some amount of failure. […]

  Phasebot is a new malware agent that infects the Windows registry of vulnerable systems using PowerShell scripting engine rather than file based mechanisms to add malicious code.  This is described in a recent Trend Micro security blog post:  http://blog.trendmicro.com/trendlabs-security-intelligence/without-a-trace-fileless-malware-spotted-in-the-wild/ Phasebot and PowerShell – We think Phasebot is interesting because of its use of Windows […]

The Internet Storm Center shares an evolving trend to use outside services in responding to data breaches and below are key resources that may be helpful to organizations: https://isc.sans.edu/forums/diary/When+Prevention+Fails+Incident+Response+Begins/19629/ I’ve been asked a few times this year to discuss and review incident handling practices with some of our clients. This topic seems to have come […]

The IETF is close to finalizing version “2” of HTTP protocol as shared below http://searchsecurity.techtarget.com/answer/HTTP-2-Is-it-the-next-HTTP http://http2.github.io/ The Internet Engineering Task Force is responsible for developing and promoting voluntary Internet standards, and it is close to finalizing and making HTTP/2 a formal Internet specification. HTTP/2 is primarily focused on improving the time it takes to render […]

An estimated ONE BILLION visits may have occurred at major infected websites, from DEC 2014 through FEB 2015 as documented below. Clicking on a malicious advertising link had the potential to drop the Cryptowall Ransomware agent onto vulnerable systems. http://www.darkreading.com/attacks-breaches/zero-day-malvertising-attack-went-undetected-for-two-months/d/d-id/1320092 RSA CONFERENCE — San Francisco — Cybercriminals deployed an Adobe Flash Player zero-day exploit embedded […]

John Maxwell features excellent blog on project management and leadership skills. This post focuses on how to encourage team members to better believe in their own capabilities as they are stretched by new challenges http://www.johnmaxwell.com/blog/be-a-belief-magnet When I speak to people, whether in a crowd or one-on-one, I make it my goal to increase their belief […]

A rare Yellow Alert was recently declared by Internet Storm Center to promote awareness on the need to patch IIS environment, as MS15-034 denial of service exploits are actively circulating in the wild. The ISC also recently updated MS15-034 as a “PATCH NOW” for IIS installations.  https://isc.sans.edu/forums/diary/MS15034+HTTPsys+IIS+DoS+And+Possible+Remote+Code+Execution+PATCH+NOW/19583/ http://www.darkreading.com/vulnerabilities—threats/microsoft-zero-day-bug-being-exploited-in-the-wild/d/d-id/1319988 https://blog.sucuri.net/2015/04/website-firewall-critical-microsoft-iis-vulnerability-ms15-034.html Denial of Service (DoS) exploits are […]