Archive for July, 2019

More info on the Capital One Hack

A bit about the hacker herself, she wanted into these databases and knew a lot about how to get in.
Some of the issues, Mis-configured firewalls, intent to dump the data to the public, and Capital One isn’t alone in the problem of exposure.
Netflix, TD Bank, and Ford were only a few of the companies whose data was hacked. Now we do the painful wait as little drips of info start coming out and the full extent of the hack is exposed. (Truth is we may never get the full story.)

USA Today article with some of the surrounding public info here
https://www.usatoday.com/story/money/business/2019/07/30/suspect-behind-capital-one-data-breach-may-have-more/1865848001/


By KingCorey in fun  .::. Comments Off on More info on the Capital One Hack

Capital One does loser big


By KingCorey in fun  .::. Comments Off on Capital One does loser big

Crackdown on China

Looks like the current administration is taking a look at the problem.

I think it may be long overdue.

https://www.latimes.com/california/story/2019-07-21/uc-china-trump-trade-visa


By KingCorey in fun  .::. Comments Off on Crackdown on China

More Secure Ideas – Email and bounce back

Turn off email read receipts. Hackers will gather information from your systems and know if you read the emails. It would also alert them that the email address is valid and since you opened it, they know it is a functioning path to get to you with a click link Trojan or virus or spear fishing attack.
Turn off your email out of office notifications. Most people are connected 24/7 and can respond to urgent requests. Sending out an out of office email will give away other emails or names for the hacker to attempt to contact. This also allows the hacker to know you are not in and they can time an email attack to when you return and maybe busy so you make a mistake and click a link that you normally wouldn’t.
If any of your software bounces back a response from a device you want to disable those notifications for external senders. Often the bounce notice gives away the software or hardware that is sending the message. Microsoft Outlook or Barracuda firewalls may give out information to the hacker on their next attack.
Remember, what software the company runs, and who is in those roles in the company can be valuable information for the next round of cyber attacks. Stay alert!


By KingCorey in fun  .::. Comments Off on More Secure Ideas – Email and bounce back

Chinese Security Cameras – Not so secure to have

Apparently Chinese security cameras are probably insecure, but nearly impossible to remove from society at this point.

https://www.bloombergquint.com/business/banned-chinese-security-cameras-are-almost-impossible-to-remove


By KingCorey in fun  .::. Comments Off on Chinese Security Cameras – Not so secure to have

MAC and ZOOM – Bad issues

You really need to cover your webcam on your Mac Book. And uninstall doesn’t work on this app. So, be prepared for this to be an ongoing issue. Looks like the people who wrote the app seem unconcerned about the problem as well. Another ZERO day Exploit issue. More detail at the link below.

https://fortune.com/2019/07/09/zoom-zero-day-exploit-vulnerability/


By KingCorey in fun  .::. Comments Off on MAC and ZOOM – Bad issues

Quick hit Tedx talk worth watching


By KingCorey in fun  .::. Comments Off on Quick hit Tedx talk worth watching

VPN insecure

China owns a lot of VPNs

https://m.slashdot.org/story/357922


By KingCorey in fun  .::. Comments Off on VPN insecure

Cybersecurity UPDATE for GRID infrastructure

Apparently everything old is new again.

Senate passes cybersecurity bill to decrease grid digitization, move toward manual control

https://www.utilitydive.com/news/senate-passes-cybersecurity-bill-to-decrease-grid-digitization-move-toward/557959/

https://www.king.senate.gov/imo/media/doc/01-17-19%20Securing%20Energy%20Infrastructure.pdf

https://www.king.senate.gov/newsroom/press-releases/senate-passes-king-bill-protecting-energy-grid-from-cyber-attacks


By KingCorey in fun  .::. Comments Off on Cybersecurity UPDATE for GRID infrastructure


You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.