Security

23K

Solutions

174

Articles & Videos

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

2
Put Machine Learning to Work--Protect Your Clients
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Portland with some ftp advice.
ftpsecurity
4
Today's ransomware attack is spreading by SMB through the local network according to Marcus,
 @MalwareTech, who stopped the last attack—known as WannaCry—and is working to stop this one.
malware-tech.JPGPost your advice or news on the currently named "NotPetya" attack and be sure to ask any questions by tagging the topic "ransomware"  to get solutions fast!
4
4
 
LVL 4

Author Comment

by:Doug Walton
Oh jeez, I didn't realize they were that bad with ads!  I have a subscription to them through amazon prime so my ad blocker doesn't have to do anything.
1
 
LVL 10

Expert Comment

by:Andrew Leniart
Yes, I easily tolerate a few adds on websites, but 46 on the front page?  Haha.. Next! :)
0
8
 
LVL 17

Expert Comment

by:Lucas Bishop
Evgeniy Bogachev
0
 
LVL 4

Expert Comment

by:Doug Walton
I think it's being referred to as "NotPetya"

Early reports from a Kaspersky researcher identified the virus as a variant of the Petya ransomware, although the company later clarified that the virus is an entirely new strain of ransomware, which it dubbed “NotPetya.”
0
Participating in the Internet-wide Day of Action to support Title II? We'd love to hear your opinion on net neutrality. Tell us in the comments below by 7 p.m. PST (today) and be included in a community response infographic.
4
2
An interesting perspective on why Russia seems to have a higher representation of hackers as compared to the US:
https://krebsonsecurity.com/2017/06/why-so-many-top-hackers-hail-from-russia/

This article focuses primarily on how Russia has integrated computer science into school curriculums at much earlier grade levels than the US. On top of that, there are less opportunities (ie. Silicon Valley) in Russia for leveraging this education. It doesn't really delve into the "hacker" aspect, but shows that Russia has twice the amount of students taking AP Comp Sci exam as the US.

I think they've missed the mark a bit in only focusing on the education aspect, as many countries have great developers, but it's rare that you see them represented in the more malicious side of dev work.

Back in the early 2000's when I was focused heavily on affiliate marketing, I'd often see hacking of affiliate sites (for malicious cookie stuffing) and Adwords accounts (for rogue PPC ad groups) via Russian groups regularly and didn't understand why it was so prevalent.

After speaking with a friend who grew up there, I asked why he thought there was such a high volume of hackers coming out of Russia. His perspective was that "everyone steals, it's part of the culture and is one of the best ways to survive." One example that didn't click until he explained is how you see so many dash cam videos from Russia
2
Internet Device Security
Here is a favourite article of mine with a lesson on internet device security. This also applies to information about you stored on other people's devices.
http://it.toolbox.com/blogs/securitymonkey/how-your-naked-pictures-ended-up-on-the-internet-53185
(Better yet, don't let anyone take naked pictures of you.)
0
Video I saw trending today showcases what happens when an IRS phone scammer, attempts to scam the wrong programmer. Said programmer decides to write a call flooding script to prevent the scammers from receiving call-backs. As the frustration ensues he records their responses to the phone calls.

The language eventually becomes nsfw, you've been warned.

https://www.youtube.com/watch?v=EzedMdx6QG4
4
 
LVL 23

Expert Comment

by:yo_bee
I got one of the Microsoft Scam guys so furious.  Kept him on the phone for 10 mins before he hung up on me.

I called him back and he cursed me out.
;)
1
 
LVL 95

Expert Comment

by:John Hurst
Apparently the scammer has found us and is busy spamming the board here.
0
Retailers - Is your network secure?
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

4
 
LVL 6

Expert Comment

by:Nicholas
Yawn
0
 
LVL 10

Expert Comment

by:Andrew Leniart
I get why the host company decided to pay the ransom to recover customer data, but it sure leaves a bad taste knowing the criminals got anything at all out of an extortion exercise like that, let alone the massive payout that was agreed on.

And what's a web host doing running a service like that without secured backups anyway? Boggles the mind..
2
Only 10 days left to sign up for our ransomware prevention and preparation Course of the Month for June. With a 300% increase in ransomware attacks from 2015 to 2016, it is vital to decrease your vulnerability to the next attack and enhance your security by enrolling today.




5
 

Expert Comment

by:Josh Petraglia
Signed up. What a perfect topic to cover!!!
2
5
 
LVL 6

Expert Comment

by:Nicholas
Old news and was already posted less than a day ago
0
 

Expert Comment

by:Mahima Gupta
why to pay 1 Million, if you can do the same thing in a very less bucks..  http://bit.ly/2rJTnVj
0
Drew Frey writes articles on cyber security and ransomware protection.  Follow him if you're interested in seeing new articles in those topics.

https://www.experts-exchange.com/members/Drew-Frey.html
5
 

Expert Comment

by:Michael Bodine
SP INFOTECH was also part of a scam...they had people calling up with foreign voices and the company name would change..as they answered the phone.. certaintly unpredictable crap.
1
 
LVL 16

Author Comment

by:Kyle Santos
Source?
0
A $1 million payout in a ransomware case?! Well crap... That's worrisome. What'll the hackers do with that money? How many new attempts will this incentivize? What would you do in their place?

https://arstechnica.com/security/2017/06/web-host-agrees-to-pay-1m-after-its-hit-by-linux-targeting-ransomware/
4
 
LVL 11

Expert Comment

by:Maclean
Restore last good version, apologize to clients, and probably end up losing clients would be the proper thing to do.
I would assume that if it was done due to damage control, paying up would lose me more clients and face then dealing with the issue at hand best as one can. This is a terrible incentive to these type of ransomware developers. They might now target this webhost on purpose in the future.
2
 
LVL 6

Expert Comment

by:Nicholas
And the reality is now that this is public news they will lose all their customers anyway and probably be outta business within a month

If some hosting company can afford to pay that much money to get their data back they should have been able to employ someone for a lot less money to make sure it didn't happen in the first place
4
UpGuard's cyber risk analyst, Chris Vickery, discovers 198 million US voting records in an Amazon S3 bucket freely available online. One particular spreadsheet also calculates the voters probabilities for situations such as "how likely you are to have voted for a certain presidential candidate".  This breach is another reminder of how important personal data security is.
5
 
LVL 6

Expert Comment

by:Nicholas
Having this data in a public cloud provider is wrong to start with no?
After a quick glance through the article the data wasn't even encrypted.
1
 
LVL 17

Expert Comment

by:Lucas Bishop
Millions of dollars worth of data analysis, available for anyone to download for free. Brilliant!
1
7
 
LVL 6

Expert Comment

by:Nicholas
All well and good but another excuse parents will use for not monitoring their activity
From my time in the Boy Scouts, earning badges was not exactly hard so this should not be used as a "real" training ground for computer use and its bad and good aspects
0
 
LVL 66

Expert Comment

by:Jim Horn
This was actually a raucous debate within Scouting.  The conflict was that we tell kids to turn off the TV and go outdoors and learn things, yet Scouting magazine accepts millions of advertising revenue from video game manufactures.  

The compromise was to not change the advertising and add to the advancement boy scout merit badges such as Game Design, Digital Technology, and Programming.

In my son's former troop we have this thing called 'Merit Badge Madness' where the parents present merit badge classes for an entire month.  Half of the parents work in computers in varying skillsets, so we have that one down.
1
Amazon recently filed a patent for a system wherein while someone is shopping inside of a store, and using that store's wifi connection, the store owner is able to inspect the wifi packets to see if a competitive product is being viewed and then issue a "control" action in response.

Basically if you want to price shop while inside of a retailer, they'll be able to block the action from happening.

http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=9665881.PN.&OS=PN/9665881&RS=PN/9665881
4
 
LVL 10

Expert Comment

by:Andrew Leniart
With mobile data plans so affordable these days, combined with the great speeds 4G provides, I don't get why people still auto connect to public wifi hotspots at all? They're fraught with hackers and an easy way of getting yourself infected with something.  

Never use them myself so the expensive patent application is a waste of money on Amazon's part so far as I'm concerned.
0
 
LVL 17

Author Comment

by:Lucas Bishop
In most of the big box stores, I lose my LTE signal and have to use their wi-fi. I use a secure vpn when connecting, but your average consumer just blindly connects.
1
0
Transaction Monitoring Vs. Real User Monitoring
LVL 1
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Microsoft June 2017 Patchday:

KB3203467 Outlook 2010 security hotfix seems to break Outlook attachments when e-mail arrives in Rich Text format.
Weird error appears referring to Outlook should be installed.

Uninstalling the hotfix solves the error.
 
0
2
Once again, security threats are prompting Microsoft to provide patches for Windows XP, which theoretically isn't supposed to be supported by them anymore. While it sucks to have to support old systems like this, it's a good call on their part. Security weaknesses in one version of Windows can weaken the entire ecosystem by allowing the spread of malicious software.

https://www.theverge.com/2017/6/13/15790030/microsoft-windows-xp-vista-security-updates-june-2017
6
 
LVL 10

Expert Comment

by:Andrew Leniart
Just read that article and was interested to read this.. "Windows XP computers were mostly immune to WannaCry"

Not that I'm condoning folks should continue to run XP of course, but I found this very interesting "Almost all WannaCry victims were running Windows 7"

Just goes to show how slack a lot of people are with regards to downloading their updates I guess.
0
 
LVL 121

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
although we have plenty of clients, that had missing updates since Feb 2017, and they were not caught out!

because FIREWALLs and GROUP POLICIES, and restricted Applications!

The layered approach!
0
2
"Experts say that widespread hacks of cars may soon become a reality." In the very near future, I expect an extra upsell for a top of the line security package, in addition to the usual upsells, like leather or heated seats.

https://www.washingtonpost.com/news/the-switch/wp/2017/06/01/how-hacked-computer-code-allegedly-helped-biker-gang-steal-150-jeeps/?utm_term=.a1cc284aae86
0
 
LVL 6

Expert Comment

by:Brian Matis
Intriguing... When it comes to handling security issues like the one described in the article, it sounds like the automaker either had a breach of their key code database and/or a bad process for authenticating duplicate key requests. I'd say the automaker should deal with fixing those sorts of issues just like they would a safety recall. A certain baseline of security is to be expected. Like, if there was a mistake in an old-style non-electronic key that meant the same key would work in all cars of that model... You'd better believe we'd expect the automaker to cover that cost of fixing it.

But just like a car alarm can be a security upsell, I could easily envision new high-tech security add-ons to help against potential theft. Like maybe a car that would text you if it was taken for a drive at a time you don't usually drive it?
0
After the WannaCry ransomware attack, we sat down with Thomas Zucker-Scharff to get the inside information on the technology behind the attack and what steps you can take to prevent this in the future. Read more of his advice. Take a step toward your security by enrolling in our free Course of the Month covering ransomware security and prevention written by Thomas.

4

Security

23K

Solutions

174

Articles & Videos

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.