Tax filing due date for individuals is April 18th this year, which is soon approaching. The IRS recently alerted taxpayers to be watchful for last-minute phishing email scams. Cybercriminals continue to send phishing emails requesting employee W2 information. They are also sending scam emails to tax preparers asking for a change of disbursement of refunds to a prepaid debit card or to a different bank account. Scam tax fraud is a huge business. The IRS said tax fraud due to
Most people are affected by connected vehicles in some form or another. This may take the form of the user driving their car to the grocery store or to work, the cabs driving people home, the rental vehicle from the airport, a driver using the map function in the infotainment center, and buses being driven through the suburbs and city. Most of these vehicles being seen every day are connected and a very small portion of these are autonomous. To accomplish this level of conne
How the hack began According to FBI news, the hack began with a straight forward spear-phishing scam. It took only one employee to click on a scam link and the cybercriminal has access to Yahoo’s system. The criminal then search Yahoo’s network to locate the email database and related account management tool. The criminal then created a back door to Yahoo’s system. The hacker later transferred the database and account management tool to his computer. The initial cybercriminal
Skype is a well-used and accepted application used to communicate, for consumers and commercial purposed, with a combined auditory and visual factors. This is used to catch up with friends or have a business meeting. Recently an issue was noted. There is a backdoor that was noted in the Skype app as used with Apple’s Mac OS and Mac OSX. This could be used to monitor the user’s activities and communications. This would be done without the knowledge of either party on the call.
There are constantly new attacks on various pieces of equipment, both consumer and commercial. With so many vulnerabilities and such a large attack surface, the attacks will increase in numbers and the unique types of attacks. The attackers feel this is a viable option for their 15 minutes of fame. Others may seek knowledge and seeking vulnerabilities because they are present. The intent is not malicious, but a product of a curious mind. Currently, a researcher has engineered
Attackers have a single focus in many of these cases. This may be to embarrass the entity, have the accounting department urgently wire funds on behalf of the CEO, or to encrypt files and charge a fee for a decrypt key. These attacks may have, dependent on the circumstances, naturally intended circumstances, but also unintended effects. The intended, direct effects may be malicious, with files being deleted or sensitive, confidential data being leaked into the media mainstrea
Recently, there have been two examples of malware discovered in devices using Android. These downloader Trojans were found to be in the device’s firmware. These have been coded with the ability to contact their C&C servers. With this functionality these are able to receive updates and patches, be directed on which apps to download to be used in attacks against the host, and begin their operation when the individual device is turned on These Trojans were coded with the intent
The number of businesses through the nation is rather large. Many of these know they are regularly targeted. Too many of the remainder businesses are hoping that security by obscurity works. It does not. Small- and medium-businesses (SMB) are actively targeted by the attackers due to this lack of sufficient focus on Infosec. One symptom of this is a lack of a security policy, or one in place on the shelf with a large amount of dust due to a lack of any review for years. This