About tlgadmin

This author has not yet filled in any details.
So far tlgadmin has created 191 blog entries.

What is CEO fraud? c/o KnowBe4.com

Irvine, CA - CEO fraud is a phishing scam in which cybercriminals spoof company email accounts

and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information.

The FBI calls this type of scam "Business Email Compromise" and defines BEC as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”

In the time period from January 2015 to June 2016, the FBI reported a 1300% rise in lossesfrom this type of fraud. Most victims are in the US (all 50 states), but companies in 100 other countries have also reported incidents. While the fraudulent transfers have been sent to 79 countries, most end up in China and Hong Kong. Unless the fraud is spotted within 24 hours, the chances of recovery are small.

Four Attack Methods

Understanding the different attack vectors for this type of crime is key when it comes to prevention. This is how the bad guys do it:

What is CEO fraud? c/o KnowBe4.com2019-11-19T21:29:11-08:00

Auto-fill Phishing Attack – This is scary. You better turn off your browser’s auto-fill feature.

There is interesting breaking news from web developer and hacker Viljami Kuosmanen as reported in The Guardian - Browser autofill used to steal personal details in new phishing attack.

 “The phising attack is brutally simple… when a user fills in information in some simple text boxes, such as name and email address, the autofill system, which is intended to avoid tedious repetition of standard information such as your address, will input other profile-based information into any other text boxes – even when those boxes are not visible on the page.

Disabling Autofill in Web Browsers

Google Chrome

1.       At the top right, click on the Settings icon (represented by three vertical dots)....

Auto-fill Phishing Attack – This is scary. You better turn off your browser’s auto-fill feature.2017-06-27T15:53:24-07:00

DFARS pre-assessment questionnaire

Los Angeles, CA - Tonight I am reviewing our new DFARS Pre-Assessment Questionnaire that has just been updated for 2017. It is a very compact 30 questions in a four page document. It of course is not a full DFARS assessment, but it is step one of your process you must do before anything else on your DFARS compliance journey.

DFARS is the Defense Federal Acquisition Regulation Supplement. It is a supplement to the FAR that provides DoD-specific acquisition regulations that DoD government acquisition officials – and those contractors doing business with DoD – must follow in the procurement process for goods and services.

If you are an aerospace company, Department of Defense contractor or another type of organization that falls under....

DFARS pre-assessment questionnaire2019-09-05T21:57:35-07:00

What are your unexpected risks from the Yahoo billion account breach?

The big cyber-security news today is the billion account breach at Yahoo!  Some experts are recommending the immediate closing of your Yahoo! account. I am not fully on board with that recommendation. If you have highly sensitive information in your Yahoo! account then I agree. If the account is used for some club activities or e-mail in Yahoogroups.com, etc. then at minimum you need to change your password.

At minimum, all Yahoo! users need to change their passwords today. If you have helper/challenge questions for your passwords those questions and answers need to be changed, too. If your Yahoo! login name, password and challenge questions & answers have been used on other websites you need to change those, too, immediately.

Here is the advice Alvaka has for you:

·         Beware that Yahoo! is a partner of AT&T so you may have exposure there, too. At minimum change the password or close the account and move your information elsewhere.

·         If you have employees who check their Yahoo account at work you need block Yahoo! at your firewall and filtering defenses you have.

Here are some good tips I saw posted by the CEO of KnowBe4 and I agree with them. He says:

What are your unexpected risks from the Yahoo billion account breach?2017-06-27T15:53:40-07:00

I’m a security monitor

Irvine, CA - I have become somewhat enamored by the LifeLock commercial titled, “Fix it.” In that commercial, bank robbers come storming into a bank breaking a display and yelling, “Everybody on the floor.” As everyone hits the floor a man in a security uniform remains standing and one of the customers whispers, “Do something!” He replies, “Oh, I’m not a security guard. I’m a security monitor. I only notify people if there is a robbery.” After a brief glance around he passively says, “There’s a robbery.” The commercial narrator then says, “Why monitor a problem if you don’t fix it?”

You can view that video here.

I’m a security monitor2017-06-28T10:31:02-07:00

Here is the reason your antivirus isn’t working anymore

Irvine, CA - Even the biggest of the antivirus software vendors are beginning to give up the fight against malware. The traditional ways of fighting just don’t work anymore. It is too reactive and labor intensive… not to mention just inherently flawed at this point. If you have been to our lunch and learns the past couple of years you know that at Alvaka Networks we down-play significantly the role and importance of firewalls and AV software. Sure you need them, but oftentimes users rely on those two tactics at the neglect of other often more important and effective solutions. If you want a comprehensive solution based upon tools you likely already own you should read this – What 12 Security Things Should I Focus on to Be Defensible in 2016? These are just as valid for 2017.

What is the breaking news on the demise of antivirus software as we know it? Well, it simply does not work well today and in the future. Here is a link to...

Here is the reason your antivirus isn’t working anymore2017-06-27T15:53:49-07:00

Kevin McDonald’s FACETStv interview with Dr. Anthony Chang of CHOC Hospital

Orange, CA - I have been attending monthly MI3 meetings at CHOC Hospital in Orange County, CA. MI3 is the Medical Intelligence and Innovation Institute. If you are in healthcare or interested in innovation these meetings on the third Monday of the month from 4 to 6 p.m. are worth attending.

In this video Kevin McDonald interviews Dr. Anthony Chang, the Chief Intelligence and Innovation Officer of CHOC Hospital on data science, artificial intelligence and the other innovations being promoted at CHOC.

Kevin McDonald’s FACETStv interview with Dr. Anthony Chang of CHOC Hospital2017-06-27T15:54:00-07:00

New statistics on ransomware

Chicago, IL - I sat in on a cybersecurity presentation by anti-virus/malware vendor Webroot. If you have not checked it out it is a good product that represents the next generation of protection in my opinion.

The slide deck had a few interesting graphic factoids I thought I would share.

New statistics on ransomware2017-06-27T15:54:09-07:00

Here is a list of available ransomware decryption tools

If you have just gotten ransomware, check out this new webpage with a list of new ransomware Decryption Tools. Not all ransomware can be decrypted, but if you find you have:

1.       WildFire Decryptor

2.       Chimera Decryptor

3.       Teslacrypt Decryptor

4.       Shade Decryptor

5.       CoinVault Decryptor

6.       Rannoh Decryptor

7.       Rakhni Decryptor

Here is a list of available ransomware decryption tools2019-12-13T12:54:50-08:00
Load More Posts