Alvaka's Blog

Stay Informed And Up To Date On The Latest In Cyber Security

Alvaka Blog2026-03-11T18:09:45-07:00
3101, 2017

What is CEO fraud? c/o KnowBe4.com

By |January 31st, 2017|Alvaka Blog|Comments Off on What is CEO fraud? c/o KnowBe4.com

Irvine, CA - CEO fraud is a phishing scam in which cybercriminals spoof company email accounts

and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information.

The FBI calls this type of scam "Business Email Compromise" and defines BEC as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”

In the time period from January 2015 to June 2016, the FBI reported a 1300% rise in lossesfrom this type of fraud. Most victims are in the US (all 50 states), but companies in 100 other countries have also reported incidents. While the fraudulent transfers have been sent to 79 countries, most end up in China and Hong Kong. Unless the fraud is spotted within 24 hours, the chances of recovery are small.

Four Attack Methods

Understanding the different attack vectors for this type of crime is key when it comes to prevention. This is how the bad guys do it:

Read More
2101, 2017

DFARS 252.204-7012 is going to define new winners and losers in defense contracting

By |January 21st, 2017|Alvaka Blog, Articles|Comments Off on DFARS 252.204-7012 is going to define new winners and losers in defense contracting

Kevin McDonald has just published his latest article of DFARS (Defense Federal Acquisition Regulations Supplement) at SearchCompliance.TechTarget.com. If you fall into this category, a recently implemented rule from the Department of Defense called the Defense [...]

Read More
1901, 2017

Aligning IT and compliance procedures increasingly a business priority

By |January 19th, 2017|Alvaka Blog, Articles|Comments Off on Aligning IT and compliance procedures increasingly a business priority

Kevin McDonald writes for TechTarget SearchCompliance on Aligning IT and compliance procedures increasingly a business priority. He says, "When I've asked IT pros about HIPAA Security Rule compliance within their organization, they've typically responded with, "That [...]

Read More
1101, 2017

Auto-fill Phishing Attack – This is scary. You better turn off your browser’s auto-fill feature.

By |January 11th, 2017|Security|Comments Off on Auto-fill Phishing Attack – This is scary. You better turn off your browser’s auto-fill feature.

There is interesting breaking news from web developer and hacker Viljami Kuosmanen as reported in The Guardian - Browser autofill used to steal personal details in new phishing attack.

 “The phising attack is brutally simple… when a user fills in information in some simple text boxes, such as name and email address, the autofill system, which is intended to avoid tedious repetition of standard information such as your address, will input other profile-based information into any other text boxes – even when those boxes are not visible on the page.

Disabling Autofill in Web Browsers

Google Chrome

1.       At the top right, click on the Settings icon (represented by three vertical dots)....

Read More
2212, 2016

DFARS pre-assessment questionnaire

By |December 22nd, 2016|Alvaka Blog|Comments Off on DFARS pre-assessment questionnaire

Los Angeles, CA - Tonight I am reviewing our new DFARS Pre-Assessment Questionnaire that has just been updated for 2017. It is a very compact 30 questions in a four page document. It of course is not a full DFARS assessment, but it is step one of your process you must do before anything else on your DFARS compliance journey.

DFARS is the Defense Federal Acquisition Regulation Supplement. It is a supplement to the FAR that provides DoD-specific acquisition regulations that DoD government acquisition officials – and those contractors doing business with DoD – must follow in the procurement process for goods and services.

If you are an aerospace company, Department of Defense contractor or another type of organization that falls under....

Read More
1512, 2016

What are your unexpected risks from the Yahoo billion account breach?

By |December 15th, 2016|Security|Comments Off on What are your unexpected risks from the Yahoo billion account breach?

The big cyber-security news today is the billion account breach at Yahoo!  Some experts are recommending the immediate closing of your Yahoo! account. I am not fully on board with that recommendation. If you have highly sensitive information in your Yahoo! account then I agree. If the account is used for some club activities or e-mail in Yahoogroups.com, etc. then at minimum you need to change your password.

At minimum, all Yahoo! users need to change their passwords today. If you have helper/challenge questions for your passwords those questions and answers need to be changed, too. If your Yahoo! login name, password and challenge questions & answers have been used on other websites you need to change those, too, immediately.

Here is the advice Alvaka has for you:

·         Beware that Yahoo! is a partner of AT&T so you may have exposure there, too. At minimum change the password or close the account and move your information elsewhere.

·         If you have employees who check their Yahoo account at work you need block Yahoo! at your firewall and filtering defenses you have.

Here are some good tips I saw posted by the CEO of KnowBe4 and I agree with them. He says:

Read More

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Hello